Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Discussion
Re: If you used Brainwallet.org - MUST READ! - Security Breach!
by
RoxxR
on 25/11/2013, 10:20:12 UTC
Quote from: btcdrak on November 25, 2013, 10:08:37 AM
Quote from: RoxxR on November 25, 2013, 10:07:02 AM
Quote from: btcdrak on November 25, 2013, 09:43:21 AM
Quote from: justusranvier on July 06, 2013, 04:04:10 PM
Quote from: mechs on July 06, 2013, 03:51:14 PM
The speed (seconds) with which the funds were redirected make it clear it was a bot.
I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

Anything less than 16 random words is too short as a passphrase. Not a 16 word phrase from your favourite work of literature, not some TV character's 16 word catchphrase with a few simple letter substitutions and random punctuation characters thrown in.

16 words that have never before been grouped together into the same context by any human that has ever lived.

If you can't generate and remember a random passphrase this long you shouldn't use brainwallets.

Diceware: http://world.std.com/~reinhold/diceware.html

This. And there are a couple of nice tools on this forum that easily convert dice rolls into passphrases and bitcoin addresses.

Diceware SHOULD NOT be used with anything other than dice: the entropy is not the same otherwise.

Read my post again. The tools I saw WORK WITH DICE. So, full entropy.