I've heard of people losing bitcoin because they threw out a hard drive. And I've heard that you can control bitcoin with just a brain wallet (a memorized passphrase). Do you need just a passphrase, or do you also need a wallet.dat file (if you're not using an online wallet)? If someone could provide a simple explanation or point me to one I'd appreciate it.
A wallet holds one or more private keys. It does not hold bitcoins.
Holding a private key allows you to send bitcoins from an address.
A brain wallet is simply the case where you memorize a private key. In this case, your brain holds a private key so it is a wallet by definition -- a "brain" wallet. However, in this case you memorize a passphrase that is used to generate the private key and not the actual key.
People lose bitcoins when they lose a wallet file because they haven't backed up the wallet file or the private keys that it contains.
Please note that the passphrase used to unlock a wallet is simply the passphrase used to encrypt and decrypt the wallet file. It is not the same as a private key or a brain wallet pass phrase.