I've finally looked up Brain Wallet, and your scheme is essentially the same: the passphrase is used to generate or recover the private address through some complex mathematical functions.  The "brain wallet" described in the link simply uses the SHA256 hash function to generate the private key based on a passphrase.  Your "encrypted private key" uses a passphrase to scramble the private key, but you also leave a clue to help you remember the passphrase.

Essentially, in both schemes, the attacker wants to generate your private key, and to do that, he will need to guess the passphrase and perform the proper mathematical operations that would generate the private key.  In the "brain wallet" scheme, the mathematical operations are well know; that makes it easier for multiple pieces of software to be written that can generate the private key with the owner not being required to know the details of the math functions.  You are using a non-standard order of mathematical functions to generate your private key, but you are also giving the attacker information that will help him guess your passphrase, and if you do end up using the encryption procedure you've described, he also knows the math functions, so you're scheme is no more secure than the "brain wallet" plus you've given clues to your passphrase.

This thread is really a discussion about "how do I come up with a good passphrase with lots of entropy."

One alternative to coming up with a good passphrase might be to use a bad passphrase, such as "Mark Twain," but run that through the MD5 hashing function then use that output as your "brain wallet" passphrase.  An attacker assuming that your "brain wallet" was generated with a simple or complex passphrase would put things that look nothing like an MD5 result into the SHA256 function, and you would have an effectively good passphrase, but if the attacker knew your procedure (or used more sophisticated methods than brute-force), he would probably get your private key in short order.

I like the idea of an encrypted private key that you don't mind letting other people see.

But, I don't think the "key" mnemonic is a good idea. If you're going to make the effort to remember something, just spend the time developing and memorizing a good passphrase.

http://imgs.xkcd.com/comics/password_strength.png

Look at this post:

https://bitcointalk.org/index.php?topic=175636.0

I haven't looked at the presentation.

Thanks Garbaek.

The newbie post said


Is that "4 hours" counted from the time I registered, the time I first posted, or the "Total time logged in:" counter I see in the webpage header?

So, what is the website about?  I'm not going to click on a link in the Newbie forum posted by a person with less than 2 dozen posts and no description of what's on the other side.

You might be able to set it so that you only have to do 2-factor once for a particular browser-computer combination, but if you or some malicious person tries to log in from a different computer or browser, you/him will need to have your phone.

Also, it looks like Google uses the SMS/Text messaging system.

From the US Constitution Article I. Sec. 10:


I think that means that the States can't create their own currency.  If I remember my history correctly, one of the problems after independence was that all of the States issued their own currencies, making the central government's treasury and interstate trade difficult.

Here is how it works at Google:

https://www.google.com/landing/2step

https://support.google.com/accounts/bin/answer.py?hl=en&answer=180744

The block reward is halved based on the number of blocks in the chain, not on time.  The number of blocks per hour the Bitcoin mining network produces depends on the network hashing power and the network difficulty.  More hashing power will produce more blocks per hour, so the network adjusts the difficulty to try to make blocks appear at an average rate of 6 block per hour (1 block every 10 minutes).  The difficulty is adjusted every 2016 blocks, which means that if more hashing power is added to the network after a difficulty change, blocks will appear more often than once every 10 minutes and if hashing power leaves the network, blocks will appear less ofter.

So, when people say that the next reward halving will approximately occur in 2017, they are assuming that blocks will be created at the rate of 6 per hour.  That assumption isn't guaranteed to be correct because the network hashing power is variable.  It is guaranteed and certain that the next reward halving will occur at block 420000, but the exact date and time that block will be added to the chain is not certain.