ou can see on the above link. Any attacker can easily brute force first few million private keys so how to prevent such attack?
Use a good software. Never use a bad wallet when generating your private keys.
What are good software? The most recommended ones:
Electrum, ledger nano, trezor, blue wallet...
You may be using a bad software, which might have a pior randomness and your private keys might be insecure. That is possible.
But if you generated your private keys using the software I suggested, there is no risk of poor randomness
1.)I checked the electrum code and it also uses RNG that just picks a random number between 1 and 2^256 so therotically RNG can a pick a 10 digit number too? or am i missing something here?
2.) Second question i have is. We all know how SHA256 can be used to convert any 'text' to a hash which is a valid private key right a.k.a brain wallets.
So say i generate a very secure private key using very secure hardware wallet. so that private key is the hash of "some text" which we don't know because SHA256 is one way function but indeed there is "some text" on which we do SHA256 will give the same private key. So my question is what if my wallet generate a key which is secure but what if that key is SHA256 hash of some 'poor dictionary word'? There's no way to check this except comparing with all SHA256 of dictionary words. It's indeed a risk right? Am i being paranoid here?