Private keys are set lengths because of the algorithm that is used to convert them into an address. NEM's wallet files/private keys work in a much different way to brain wallets. You can't use a private key unless it is the right length and only uses alphanumeric codes. The password for your wallet file will use a password, and for that there is nothing wrong with using a very long password to encrypt the wallet file, which would most certainly add to security. The difference is that with brain wallets you don't need the wallet file. This means that with wallet files someone would actually have to get into your computer to try and crack the wallet file, as opposed to just booting the client and trying passwords. The odds of someone guessing your private key are so small that it doesn't need to be any longer, AFAIK.
Thanks for the answer. But I'm not sure if I get it right;
Without access to the wallet, the private key has no use?
I.e., can't someone keep generating private keys and try to log in with them while using a generic wallet?