I have to agree. It would appear to me that your Brainwallet will be as secure as the passphrase you used to create it. So if you choose a very difficult passphrase your brainwallet will be secure. I would assume it's the same as choosing a passphrase for your encryption vault.
I can think of two very important differences with brainwallets, versus a wallet.dat encrypted by a Bitcoin client:
1. The blockchain is like a public password file that can be passively cracked. If someone cracks your passphrase, they can steal the funds, without ever needing physical or remote access to your machine in order to copy wallet.dat.
2. Brainwallet cracking doesn't need to be targeted. It's only a little less efficient to check each candidate passphrase against the entire set of unspent outputs - every funded address on the blockchain - versus just one specific address.
A basic SHA256(passphrase) brainwallet is very dangerous, because the keys can be checked at a great rate. My ageing Core2Quad server can check around 14 billion candidate passphrases per day.
edit:
It's not. To brute force your own local encryption, an attacker needs access to your encrypted file, and must dedicate all his computing power to just your case.
With Brainwallets, one attacker can brute force all existing users on the planet at the same time, and thus has a much larger chance of finding a match.
Okay, well you said the same thing I did, just faster...
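To put numbers on the "14 billion candidate passphrases per day" figure quoted in the thread, the following is an added example (not code from any poster) that derives a key the SHA256(passphrase) way, derives one with a salted, iterated KDF for comparison, and estimates how long a passphrase space lasts at that rate. The PBKDF2 parameters, the salt, and the passphrase models are assumptions chosen for illustration.

```python
import hashlib
import math

GUESSES_PER_DAY = 14e9  # rate quoted in the thread for one old server


def brainwallet_key(passphrase: str) -> bytes:
    """Basic brainwallet: the 32-byte private key is just SHA256(passphrase).
    No salt and no file: the passphrase alone determines the key."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def stretched_key(passphrase: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Assumed alternative: salted PBKDF2-HMAC-SHA256, so each guess costs
    at least `iterations` hash computations instead of one."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations)


def entropy_bits(symbols: int, length: int) -> float:
    """Entropy of `length` symbols drawn uniformly at random from `symbols` choices."""
    return length * math.log2(symbols)


def days_to_search_half(bits: float, work_factor: int = 1,
                        guesses_per_day: float = GUESSES_PER_DAY) -> float:
    """Expected days to cover half the space; work_factor scales cost per guess."""
    return (2 ** bits / 2) * work_factor / guesses_per_day


if __name__ == "__main__":
    # Constructed passphrase models, assuming truly random selection.
    models = {
        "8 random lowercase letters": entropy_bits(26, 8),
        "4 random Diceware words": entropy_bits(7776, 4),
        "8 random Diceware words": entropy_bits(7776, 8),
    }
    for name, bits in models.items():
        plain = days_to_search_half(bits)
        slow = days_to_search_half(bits, work_factor=200_000)
        print(f"{name}: {bits:.1f} bits, "
              f"{plain:.3g} days plain, {slow:.3g} days stretched")
```

Human-chosen phrases carry far less entropy than these uniform-random models, so the estimates are upper bounds on how long a real passphrase would hold.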
