yeah.. I've read that "general recommendation" and none of the people who stand behind them is actually able to give me an answer on how exactly would they approach a brute forcing of a complex passphrase - one that is not just a word or a phrase from a dictionary.

they don't give the answer because they don't have any - that's the kind of 'experts' they are.
for me, they are just full of shit - what they do has zero to do with science and 100% to do with their beliefs driven by a subjective perception.

seriously, I am not aware of any hacking tool, or even a serious theoretical paper, that would successfully address a problem of brute forcing original sentences made by a human brain. make an original sentence (one that you can't just google) of ~20 words and I am betting all my bitcoins that no man armed with the fastest computer is going to brute force it before we both die.

if I wanted to crack brain wallets, I'd rather put my effort in finding a way to calculate the EC-private key from the EC-public, rather than try to brute force a creativity (or insanity) of a human brain. the first one not only seems less complex and more straight forward to me, but (most of all) it would then crack all the wallets