A downside to this new approach is that you have to keep an encrypted copy of the salt for use in re-generating the brainwallet keys.
This kinda makes it not a real brain wallet anymore.
I think essentially the problem boils down to creating truly unique, strong passwords. "Bob is a great guy" is a very bad example, because this is by no means a strong password.
A better example would be:
Kazimir^1982^Scruffy^51^Mantenna^Raspberry
where Kazimir is my name, 1982 is my birth year, Scruffy is my dog's name (or my guinea pig's), Blue is my favorite color, 51 is my lucky number, Mantenna was my favorite He-Man action figure, and Raspberry is my favorite fruit. All separated by a ^ because I think it's a funny character.
No dictionary attack in the world (not even a personalized / targeted one) is gonna crack this.
And a single SHA256 hash step without additional salt or trickery surely has enough entropy to make a safe brain wallet.
And rather than this example I would prefer uncommon, irregular words or names or numbers or phrases that have a special meaning to you. Easy for you to remember, impossible for others to guess or brute force. Be creative: the teacher from high school you hated most (and don't capitalize his name). Your favorite movie. Your first boy/girlfriend's name, perhaps spelled backwards. Your social security number. The first model game console or home computer you ever had (e.g. Commodore 64). That strange word your little brother used to yell. Your favorite pizza. You get the idea.
Don't combine too many terms though, otherwise you'll have a hard time putting everything back in place. Use some kinda scheme or logic that makes sense to YOU. Some 5 random terms or so should be fine.
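
An added example, not part of the post above: the two derivations being contrasted in this thread, a single unsalted SHA-256 of the passphrase and a salted derivation whose salt has to be kept. PBKDF2, the iteration count and the sample phrase are assumptions of this example; the thread does not name the salted scheme's KDF.

```python
import hashlib
import os

# Order of the secp256k1 group: a usable private key is an integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def is_valid_privkey(key: bytes) -> bool:
    return len(key) == 32 and 0 < int.from_bytes(key, "big") < SECP256K1_N


def classic_brainwallet(passphrase: str) -> bytes:
    """Single unsalted SHA-256: the passphrase alone determines the key."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def salted_brainwallet(passphrase: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, stretched derivation (PBKDF2 is an assumption of this example).
    The salt must be stored somewhere, or the key cannot be regenerated."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations, dklen=32)


def demo() -> dict:
    phrase = "constructed^sample^phrase^for^this^demo"  # constructed input
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    return {
        # Anyone who picks the same phrase gets the same key, so one guess
        # is checked against every unsalted brainwallet at once.
        "classic_repeatable": classic_brainwallet(phrase) == classic_brainwallet(phrase),
        # One changed character (here: capitalisation) yields an unrelated key.
        "case_changes_key": classic_brainwallet(phrase) != classic_brainwallet(phrase.capitalize()),
        # Same phrase + same salt regenerates the key ...
        "salted_repeatable": salted_brainwallet(phrase, salt_a) == salted_brainwallet(phrase, salt_a),
        # ... but with a different (or lost) salt the phrase alone is not enough.
        "salt_required": salted_brainwallet(phrase, salt_a) != salted_brainwallet(phrase, salt_b),
        "keys_valid": is_valid_privkey(classic_brainwallet(phrase))
        and is_valid_privkey(salted_brainwallet(phrase, salt_a)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```
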