Self-descriptive strengthened keying: a standard for deriving keys from seeds

[DeathAndTaxes]

No need to "roll your own" (always a bad idea in crypto). There is already a solution called Password Based Key Derivation Function (PBKDF2) which properly performs multiround hashing to increase the work required to hash a password.  However the larger problem is humans are simply horrible at selecting strong passwords.   Most passwords (even ones users believe are secure) have very little entropy.   When you have something secured by a single weak factor, it usually ends badly.

[jonald_fyookball]

Brainwallets are a Great idea but the concerns are of course legitimate.
How many people are there in the world that might want to hide money, from Govt ( or an ex wife ) in their head.
The Market potential is huge.

Could Bitcoin have been made to utilise a slower Hash function like Bcrypt instead of Sha256
Could Bitcoin be altered to use something like Brcypt which would slow down brainwallet mining and presumably
make precompiled rainbow tables too inefficient.

A future cryptocurrency or Bitcoin update ought to cater for hardening Brainwallets against attacks.

What's wrong with (Sha256(Bcrypt(PassPhrase)))

Like someone said, electrum does it right.  Their passphrase generation
process uses computer generated entropy at a high enough level,
and also uses key-stretching to add 16 more bits of security for a total of 144.

I believe their implementation solves the issues.