I tried it, and my browser
instantly produced a mnemonic. That means the encryption is easy to brute force.
Now compare
WarpWallet: it takes a very long time to create a private key, which means the encryption is very difficult to brute force.
If you do anything brain wallet related, at least make use of heavy encryption.
Hello, that is why I recommend you to set enough length of nonce ( > 10000 ) to make it resistant to the brute force attack.
I am also planning to adopt some powerful password-hashing functions like Argon2
https://github.com/P-H-C/phc-winner-argon2 but it will not be the default option since not many browsers or user environments support WASM and since Argon2 is not the standard yet. ( As we stated on the FAQ, we are currently only using the standard WebCrypto function to make any modern device compatible )