If you used Brainwallet.org - MUST READ! - Security Breach!

[Financisto]

an appropiate thread title might be:

"If you used Brainwallet.org - MUST READ! - weak passphrases!"

[1715431653]

1715431653

[1715431653]

1715431653

[1715431653]

1715431653

[1715431653]

1715431653

[Anon136]

Is your passphrase just too simple?

Any passphrase you can memorize is almost too simple by definition.

na not really. you just combine a long low entropy password with a short high entropy password plus something in the public record. you can remember the former because it uses real words and sentences and the latter because it isn't too long and the public record element adds security for almost no cost (in terms of effort to memorize remember it since all you have to remember is its location). combined you get the best of both worlds. they arnt going to crack it with a dictionary attack or a brute force and some sort of hybrid technique would not be very effective.

[foo]

I agree with what others have posted already, add a "rounds" parameter to the site. Asking the site owner to do this is much more productive than trying to burn him at the stake...

People can use their birth year as the rounds number and they will easily remember it. The rainbow table computers will have to do much more work, if they compute all rounds from 1900 to 2000 they will have to do 196,950 hashes per password instead of 1! (http://www.wolframalpha.com/input/?i=1900%2B...%2B2000)

[MayDee]

Does anyone know how difficult it is to find your passphrase if they know your private key?

[Rampion]

Does anyone know how difficult it is to find your passphrase if they know your private key?

It depends on the passphrase

[CIYAM]

Does anyone know how difficult it is to find your passphrase if they know your private key?

Why would anyone care about your passphrase if they have already got your bitcoins?

[MayDee]

Does anyone know how difficult it is to find your passphrase if they know your private key?

It depends on the passphrase

LOL   Let's say it is a supa dupa hard one  

[BurtW]

Does anyone know how difficult it is to find your passphrase if they know your private key?

Why would anyone care about your passphrase if they have already got your bitcoins?

This ^^^

But assuming they have the private key to your standard brain wallet and have already taken all of the BTC in that wallet they might think to themselves "Self, if we can get this bozo's passphrase we may be able to clear out his MtGox, Bitstamp and other accounts if he used the same passphrase."

So there is some reason to do this.  Now in a standard brain wallet the private key is the SHA256 of the passphrase and it is basically impossible to go from the hash back to the passphrase.

So, although all of the BTC in your brain wallet have been lost, your other accounts using the same passphrase are probably safe in this hypothetical scenario.

[LiteCoinGuy]

I don't think you can download the script from the site.  Regardless, whether it is the website author or a hacker, the site is compromised.  I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.

I think the same. Never use a third party for security.

[MayDee]

But assuming they have the private key to your standard brain wallet and have already taken all of the BTC in that wallet they might think to themselves "Self, if we can get this bozo's passphrase we may be able to clear out his MtGox, Bitstamp and other accounts if he used the same passphrase."

So there is some reason to do this.  Now in a standard brain wallet the private key is the SHA256 of the passphrase and it is basically impossible to go from the hash back to the passphrase.

So, although all of the BTC in your brain wallet have been lost your other accounts using the same passphrase are probably safe in this hypothetical scenario.

Thank you

[BurtW]

I don't think you can download the script from the site.  Regardless, whether it is the website author or a hacker, the site is compromised.  I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.

I think the same. Never use a third party for security.

Dude, you are quoting the third post in this thread and your response is totally out of context.  Are you a posting bot?

EDIT:  reported as possible posting bot.

[MayDee]

Why would anyone care about your passphrase if they have already got your bitcoins?

Also usefull to know if you are planning to make 10 brainwallets with strong passphrases by themselves, but with very similar passphrases that can link them together.

[proudhon]

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used.  That's all I have to say.

[BurtW]

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used.  That's all I have to say.

They used "stfu!", see here:

https://bitcointalk.org/index.php?topic=251037.msg2668158#msg2668158

[proudhon]

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used.  That's all I have to say.

They used "stfu!", see here:

https://bitcointalk.org/index.php?topic=251037.msg2668158#msg2668158

Good lord

[btcdrak]

The speed (seconds) with which the funds were redirected make it clear it was a bot.

I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

Anything less than 16 random words is too short as a passphrase. Not a 16 word phrase from your favourite work of literature, not some TV character's 16 word catchphrase with a few simple letter substitutions and random punctuation characters thrown in.

16 words that have never before been grouped together into the same context by any human that has ever lived.

If you can't generate and remember a random passphrase this long you shouldn't use brainwallets.

Diceware: http://world.std.com/~reinhold/diceware.html

[RoxxR]

The speed (seconds) with which the funds were redirected make it clear it was a bot.

I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

Anything less than 16 random words is too short as a passphrase. Not a 16 word phrase from your favourite work of literature, not some TV character's 16 word catchphrase with a few simple letter substitutions and random punctuation characters thrown in.

16 words that have never before been grouped together into the same context by any human that has ever lived.

If you can't generate and remember a random passphrase this long you shouldn't use brainwallets.

Diceware: http://world.std.com/~reinhold/diceware.html

This. And there are a couple of nice tools on this forum that easily convert dice rolls into passphrases and bitcoin addresses.

[btcdrak]

The speed (seconds) with which the funds were redirected make it clear it was a bot.

I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

Anything less than 16 random words is too short as a passphrase. Not a 16 word phrase from your favourite work of literature, not some TV character's 16 word catchphrase with a few simple letter substitutions and random punctuation characters thrown in.

16 words that have never before been grouped together into the same context by any human that has ever lived.

If you can't generate and remember a random passphrase this long you shouldn't use brainwallets.

Diceware: http://world.std.com/~reinhold/diceware.html

This. And there are a couple of nice tools on this forum that easily convert dice rolls into passphrases and bitcoin addresses.

Diceware SHOULD NOT be used with anything other than dice: the entropy is not the same otherwise.

[RoxxR]

The speed (seconds) with which the funds were redirected make it clear it was a bot.

I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

Anything less than 16 random words is too short as a passphrase. Not a 16 word phrase from your favourite work of literature, not some TV character's 16 word catchphrase with a few simple letter substitutions and random punctuation characters thrown in.

16 words that have never before been grouped together into the same context by any human that has ever lived.

If you can't generate and remember a random passphrase this long you shouldn't use brainwallets.

Diceware: http://world.std.com/~reinhold/diceware.html

This. And there are a couple of nice tools on this forum that easily convert dice rolls into passphrases and bitcoin addresses.

Diceware SHOULD NOT be used with anything other than dice: the entropy is not the same otherwise.

Read my post again. The tools I saw WORK WITH DICE. So, full entropy. 

[franky1]

you could always use a sha256 generator first
my - 038468518ad8122e13112743f890c7ba96ac5665b71de548eceb23e9ef237805
m0m5 - f4b4dff4af48415ce1883a01d5589022fb11b1adb2c9b53aa9439cabd9273d5c
c00k135 - c092a98000322afadf557a9754f1fac6d97d21e8c0432e518edd1b5dc7e3c67f
4r3 - 9a55b85547d8d71b45fbd1000d7053fbb254571d11fe3c230592e41531bf6413
n1ce - 781d42e75cbf8d87d48dcbb54a20fdb1d9e70f02d6759124d1a3c7e68d5c9f92

combine the results to become 038468518ad8122e13112743f890c7ba96ac5665b71de548eceb23e9ef237805 f4b4dff4af48415ce1883a01d5589022fb11b1adb2c9b53aa9439cabd9273d5c c092a98000322afadf557a9754f1fac6d97d21e8c0432e518edd1b5dc7e3c67f 9a55b85547d8d71b45fbd1000d7053fbb254571d11fe3c230592e41531bf6413 781d42e75cbf8d87d48dcbb54a20fdb1d9e70f02d6759124d1a3c7e68d5c9f92

then put that into the brain wallet to add further randomness to the words.

or ofcourse run it through a sha256 again (without spaces) to give you f9640de45673cc0baacef1b9d4c407f06c453d72d06c99cf8870d19114d42d51. make your own checksum code to make it a private key more direct without using third party services.