If you can't reveal it because you use that password in multiple places then guess what - that's how they got your password in the first place - by stealing it from some other place you used it.
Indeed, it would make sense for an attacker to find as many compromised password lists as possible (hint: there was one for mtgox a while back) and use those as seeds as well.
A brain wallet when done right is perfectly fine.
Anything, done well, is perfectly fine! The problem is that there are so many bad ways to do a brain wallet, for example:
- picking a weak passphrase
- forgetting your passphrase
- not understanding change addresses, and losing bitcoins
and it's so trivially easy to compromise a brain wallet with a bad passphrase that it's probably better, for most users, to use an alternative form of key generation and storage. I would never recommend a brain wallet to a new user, but I would recommend blockchain.info with OTP and a strong passphrase to a new user.
Will