Yeah.. I've read that "general recommendation" and none of the people who stand behind it is actually able to give me an answer on how exactly they would approach brute-forcing a complex passphrase - one that is not just a word or a phrase from a dictionary.
~
Seriously, I am not aware of any hacking tool, or even a serious theoretical paper, that would successfully address the problem of brute-forcing original sentences made by a human brain. Make an original sentence (one that you can't just google) of ~20 words and I am betting all my bitcoins that no man armed with the fastest computer is going to brute-force it before we both die.
I agree with you, but I also agree with the general statement that most users should stay away from brainwallets. If you know what you're doing, it can be safe. All that's left is to keep your identity secret, so the passphrase can't be tortured out of you.
Take 1000 humans, ask each of them to generate some phrase / sentence that will be used for "a password."
Tell them that the sentence may be as long as they like, but that you have a very powerful computer that will try to guess the password they came up with.
Also tell them that if the computer does not guess their password within 1 year, but they still remember it, then they will be rewarded with $1,000,000.
I expect most of those 1000 humans to quickly write down their phrase the moment you stop observing them in your little experiment. Your powerful computer won't find it, but a neighbour can.
From my own experience, I can remember some very long passwords, and I've known them for many years. But adding a new password to my "brain list" is very difficult, and it takes a very long time before I can completely rely on my memory to reproduce it. It gets even worse if I want to use 10 different wallets.
Last year user ArcCsch had an idea for brainwallets:
Brain wallet, step-by-step guide (FIXED!) [Mod note: DO NOT USE BRAINWALLETS]. He uses a two-step brainwallet with BIP38 in between. Even though the title got adjusted to a big fat warning, the very heavy BIP38 encryption makes it much harder to brute-force than normal brain wallets.
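The cost difference the last post points at can be measured rather than argued about. The following is an added example written for this page, not code from the thread or from ArcCsch's guide. It assumes the classic brainwallet construction (private key = SHA-256 of the passphrase) for the "normal" case, uses the scrypt parameters fixed by BIP-0038 (N=16384, r=8, p=8, 64-byte output) for the stretched case, and runs the same guessing loop against both. The candidate list and the 4-byte `addresshash` salt are constructed for the demo; in real BIP38 the salt is the first four bytes of the double-SHA-256 of the Bitcoin address, which an attacker who holds the encrypted key also knows, so it does not add secrecy, only per-target work.

```python
import hashlib
import time

# scrypt parameters fixed by BIP-0038 (N, r, p, derived key length).
BIP38_N, BIP38_R, BIP38_P, BIP38_DKLEN = 16384, 8, 8, 64


def plain_brainwallet_key(passphrase: str) -> bytes:
    """Classic brainwallet construction (assumed for the 'normal' case):
    private key = SHA-256(passphrase). One cheap hash per attacker guess."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def bip38_stretched_key(passphrase: str, addresshash: bytes) -> bytes:
    """First scrypt stage of BIP38 (non-EC-multiply mode). Every candidate the
    attacker tries must pay this full scrypt call before anything else can be
    checked, which is where the brute-force slowdown comes from."""
    return hashlib.scrypt(
        passphrase.encode("utf-8"),
        salt=addresshash,
        n=BIP38_N, r=BIP38_R, p=BIP38_P, dklen=BIP38_DKLEN,
        maxmem=64 * 1024 * 1024,  # 128*r*N = 16 MiB is required; leave headroom
    )


# Constructed stand-in for an attacker's wordlist / phrase generator.
CANDIDATES = [
    "correct horse battery staple",
    "password",
    "to be or not to be",
    "satoshi nakamoto",
    "my voice is my passport",
    "the quick brown fox jumps over the lazy dog",
]


def guess(target: bytes, derive, candidates):
    """Run candidates through `derive` until one matches `target`.
    Returns (index of the hit or None, guesses made, seconds elapsed)."""
    start = time.perf_counter()
    for i, cand in enumerate(candidates):
        if derive(cand) == target:
            return i, i + 1, time.perf_counter() - start
    return None, len(candidates), time.perf_counter() - start


def compare(secret_index: int = 4, addresshash: bytes = b"\x00\x01\x02\x03") -> dict:
    """Attack the same secret under both constructions; report per-guess cost.
    `addresshash` is a constructed salt, not a real BIP38 address hash."""
    secret = CANDIDATES[secret_index]
    plain_target = plain_brainwallet_key(secret)
    stretched_target = bip38_stretched_key(secret, addresshash)

    _, n_plain, t_plain = guess(plain_target, plain_brainwallet_key, CANDIDATES)
    _, n_str, t_str = guess(
        stretched_target, lambda p: bip38_stretched_key(p, addresshash), CANDIDATES
    )
    plain_cost = t_plain / n_plain
    stretched_cost = t_str / n_str
    return {
        "plain_guesses": n_plain,
        "plain_sec_per_guess": plain_cost,
        "stretched_guesses": n_str,
        "stretched_sec_per_guess": stretched_cost,
        "slowdown_factor": stretched_cost / max(plain_cost, 1e-9),
    }


def guesses_per_year(sec_per_guess: float) -> float:
    """How many candidates a single core gets through in the thread's 1-year
    window at the measured per-guess cost (no GPU/ASIC scaling assumed)."""
    return 365 * 24 * 3600 / sec_per_guess


if __name__ == "__main__":
    r = compare()
    print(f"plain:     {r['plain_sec_per_guess']:.2e} s/guess, "
          f"{guesses_per_year(r['plain_sec_per_guess']):.2e} guesses/year/core")
    print(f"stretched: {r['stretched_sec_per_guess']:.2e} s/guess, "
          f"{guesses_per_year(r['stretched_sec_per_guess']):.2e} guesses/year/core")
    print(f"slowdown factor: {r['slowdown_factor']:.0f}x")
```

The slowdown factor is the only number that matters for the "normal vs BIP38" comparison: the stretched path costs the same per guess whether the passphrase is "password" or a 20-word sentence, so it buys orders of magnitude, not unlimited time. A phrase that sits in the attacker's candidate list still falls on the stretched path, just later, which is why the mod note above stands regardless of stretching.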