My claim is that brain-wallets are dangerous (private key which is the password) as your virtual "encrypted wallet" is effectively stored on the block chain so anyone can have a go at grinding your password. GPUs are frighteningly fast at grinding passwords. Even a 46-bit password can be ground for 50c of compute at bitcoin prices or analogous with litecoin/scrypt.
Its not that much better with an encrypted randomly generated private key (BIP 38), if you are worried that its realistic other people will get hold of your encrypted private key. Once that happens you're in the same boat as brain-wallets against the people who have your encrypted key file/wallet.
Of course its better to encrypt than not.
But about increasing the security of your private key, choose a parallelizable key derivation and buy yourself a machine with a lot of GPU cores. (eg Scrypt(iter=1,deleted salt,...) with a deleted 30-bit or 40-bit salt; it will be GPU expensive to decrypt. This delete salt bits (not a new idea its due to Merkle 1976 and mentioned in Rivest et al's time-lock puzzle paper) its described here:
https://bitcointalk.org/index.php?topic=311000.msg3342217#msg3342217Also see the top part of the thread, I proposed a couple of ways to securely outsource computing your KDF so that you can pay 50c and get 100 GPU miners to stretch your key for you, this one is interactive:
https://bitcointalk.org/index.php?topic=311000.msg3341985#msg3341985or lots of ASIC miners in the second version which is non-interactive, its a stretched signature verification, and after its spent you need to delete the private key component c to prevent somone who later gets a copy of your private key grinding your password against the now public stretched signature:
https://bitcointalk.org/index.php?topic=311000.msg3402287#msg3402287Adam
