Bitcoin Forum
December 12, 2017, 04:59:46 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3] 4 »  All
  Print  
Author Topic: It took 10 seconds for the brainwallet "password1" to be taken  (Read 14888 times)
porcupine87
Hero Member
*****
Offline Offline

Activity: 546


hm


View Profile
November 23, 2013, 07:18:23 PM
 #41

I'm not a fan of brainwallets for myself (I have a lousy memory and also I could die at any moment )
I ended up using bitaddress random generation, BIT38 and print.
But returning to brainwallets:  What about using 12 words from dictionary and one word that makes sense for you (like DeathAndTaxesRules ) but is not any dictionary

You can make a brain wallet + a paper wallet. I have...

For me it is a danger to lose the coins more likely than to get stolen. So i made a brain wallet with a password. I think that this password can be hacked is 0.1% of my problems. To lose it maybe 0.9%, but 99%, that I made a mistake with the generation.
- Maybe my connection was still on?
- Or it is still somewhere on my HDD?
- Or it was saved by a malware and when I connect again it will send the private key to the hacker?

What is your guess: I moved a few bitcoins to an address one week ago and the private key is just in my brain, paper wallet + truecrypt container (on usb stick I never use). How likely some malware get the private key?
My password? 30 characters, serveral words, names, seperated by an ~, and the words are written backwards or one character wrong. For example not "australia" but "ausdralia"

"Morality, it could be argued, represents the way that people would like the world to work - whereas economics represents how it actually does work." Freakonomics
1513097986
Hero Member
*
Offline Offline

Posts: 1513097986

View Profile Personal Message (Offline)

Ignore
1513097986
Reply with quote  #2

1513097986
Report to moderator
1513097986
Hero Member
*
Offline Offline

Posts: 1513097986

View Profile Personal Message (Offline)

Ignore
1513097986
Reply with quote  #2

1513097986
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
November 23, 2013, 07:57:23 PM
 #42

Don't panic. If you use correctly brainwallets are the most secure.
But they are not newbie proof.

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
phillipsjk
Legendary
*
Offline Offline

Activity: 1008

Let the chips fall where they may.


View Profile WWW
November 23, 2013, 08:33:25 PM
 #43


Here are 12 "words" that I can remember that aren't in any dictionary

thingy
depribe
weenus
integrous
prollums
pompatous
dickfor
tigger
"xxxxxxxx" (my last name, shared by fewer than 100 people worldwide - okay, that's probably on some list)
sadistics
skullfuck
dickstain


Are you sure? The link has essentially the entire text of the Internet. While de-duplication would be tricky for common phrases (including misspellings), it should be trivial to pull all unique "words".

Are you saying none of the 100 people using your last name have a web-page on the Internet?

The hardest part would be trying all 12 word permutations. 4 word permutations should be doable.

Don't panic. If you use correctly brainwallets are the most secure.
But they are not newbie proof.

I would say paper wallets are most secure. Remember: you are not only trying to guard against theft, but also data-loss. Memory is notoriously unreliable. If you are hit by a vehicle, even if you survive, you may forget your passphrase.

With paper, you can store the passphrase is more than one physical location. You can use Multi-party signatures to require data from m of n locations (Pay to Script hash (BIP16) ,+ Multi-signature transactions (BIP11))

My offline wallet will survive a city-destroying event. Can't make the same claim about any "brain wallet" in my head.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
zumzero
Hero Member
*****
Offline Offline

Activity: 602


myBitcoin.Garden


View Profile WWW
November 23, 2013, 09:49:39 PM
 #44

Quick question.

In making my 'paper' (brass) wallets,  I'm going to use bitaddress_org html file and it so happens that it's the 'brain wallet' creating function that I need to use to be able to enter a passphrase.

So let's imagine I roll a dice 50 times and toss a coin 50 times and I enter those results with some added text of my own as a passphrase.

This is the passphrase that you would remember if it was indeed a brain wallet you were creating.

Clearly I would be unable to actually remember the newly created passphrase.

This is because I am only interested in the public address and corresponding private key which come from the above process.

So my question is simple.  

Is it okay for me to disregard the passphrase and never make a record of it as I'll already have everything I'll ever need for my cold storage brass wallets?

https://mybitcoin.garden
Bitcoin game where you can earn up to 220% on each planted garden!
Topazan
Sr. Member
****
Offline Offline

Activity: 354


View Profile
November 23, 2013, 10:01:06 PM
 #45

That should be fine, but why bother with a passphrase at all?  Why not just let bitaddress randomly generate your addressed using their "single wallet" or "bulk wallet" option?

Save the last bitcoin for me!
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
November 23, 2013, 10:40:16 PM
 #46

That should be fine, but why bother with a passphrase at all?  Why not just let bitaddress randomly generate your addressed using their "single wallet" or "bulk wallet" option?
Because of this:
http://www.bbc.co.uk/news/technology-24048343
https://www.schneier.com/blog/archives/2013/09/surreptitiously.html
But if you use random number generator with mouse input or keyboard input for entropy collection then it is OK.
If the entropy is collected only from the own hardware then it is not safe because it is predictable. A deterministic wallet or a random wallet with human input is not predictable.

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
markyminer
Hero Member
*****
Offline Offline

Activity: 490


Spectiv VR Crowdsale: 12/08/17


View Profile
November 24, 2013, 12:00:02 AM
 #47

Don't panic. If you use correctly brainwallets are the most secure.
But they are not newbie proof.

My blockchain password goes in the format of "chippy2370spence2721" .

I assume this would be a crap brainwallet password and quickly cracked and my BTC stolen?

M


              ▄▄████████████▄▄             
          ▄███▀▀▀░░░░░░░░░░▀▀▀███▄▄        
       ▄██▀▀░░░░░░░░░░░░░░░░░░░░░▀██▄      
     ▄██▀░░░░░░░░░░░░░░░░░░░░░░░░░░▀███    
   ▄██▀░░░░░░░░░░░░░░░▄▄▄▄▄█████████████▄  
  ▄██░░░░░░░░░░░▄▄█████████░░░░░░░░░░░░▀█▌ 
 ▐██░░░░░░░░▄█████▀▀▀▀▀▀▀▀▀████▄░░░░░░░░▀█▌
▐██░░░░░░▄███▀▀███████████████▀▀██▄░░░░░░██▌
████▄░░▄██▀███████▄██████▄████████▀██▄░░░▐██
██░▀████▀██████████████████████████████▄░░██
██░░░▀██▄█████████████████████████▄██▀▀██▄██
██▌░░░░▀███▄████████▀▀▀▀███████▄██▀░░░░░▀███
▐██░░░░░░░▀███▄▄███████████▄▄██▀▀░░░░░░░░██▌
 ▐██░░░░░░░░░░▀▀████████████▀░░░░░░░░░░░▄█▌
  ▀██▄▄▄▄▄▄▄▄▄████████▀▀▀░░░░░░░░░░░░░░▄█▌ 
   ▀███▀▀▀▀▀▀░░░░░░░░░░░░░░░░░░░░░░░░▄██▀  
     ▀██▄░░░░░░░░░░░░░░░░░░░░░░░░░░▄██▀    
       ▀███▄░░░░░░░░░░░░░░░░░░░░▄▄██▀      
          ▀████▄▄░░░░░░░░░░▄▄▄███▀         
              ▀▀▀██████████▀▀▀             

    
                         [ Website ]                    
    
NewLiberty
Legendary
*
Online Online

Activity: 1190


Gresham's Lawyer


View Profile WWW
November 24, 2013, 12:47:51 AM
 #48

Don't panic. If you use correctly brainwallets are the most secure.
But they are not newbie proof.

Looking at the extraordinary hoops folks are jumping through in order to secure their bitcoin, is a decent measure of how very far we have to go yet to get to mainstream adoption.
These are early days.
Like hearing grandpa talking about starting their cars with a crank.

FREE MONEY1 Bitcoin for Silver and Gold NewLibertyDollar.com and now BITCOIN SPECIE (silver 1 ozt) shows value by QR
Bulk premiums as low as .0012 BTC "BETTER, MORE COLLECTIBLE, AND CHEAPER THAN SILVER EAGLES" 1Free of Government
zumzero
Hero Member
*****
Offline Offline

Activity: 602


myBitcoin.Garden


View Profile WWW
November 24, 2013, 01:53:23 AM
 #49

That should be fine, but why bother with a passphrase at all?  Why not just let bitaddress randomly generate your addressed using their "single wallet" or "bulk wallet" option?

Thanks for the reply.

It's just as protection in case there are security flaws with that method. 




https://mybitcoin.garden
Bitcoin game where you can earn up to 220% on each planted garden!
porcupine87
Hero Member
*****
Offline Offline

Activity: 546


hm


View Profile
November 24, 2013, 10:38:47 AM
 #50

Quick question.

In making my 'paper' (brass) wallets,  I'm going to use bitaddress_org html file and it so happens that it's the 'brain wallet' creating function that I need to use to be able to enter a passphrase.

So let's imagine I roll a dice 50 times and toss a coin 50 times and I enter those results with some added text of my own as a passphrase.

This is the passphrase that you would remember if it was indeed a brain wallet you were creating.

Clearly I would be unable to actually remember the newly created passphrase.

This is because I am only interested in the public address and corresponding private key which come from the above process.

So my question is simple.  

Is it okay for me to disregard the passphrase and never make a record of it as I'll already have everything I'll ever need for my cold storage brass wallets?


Why don't you just put in 1000 random characters with the keyboard on bitaddress? The private key is just a SHA-256 key of that string. And the public address will get created out of this private key. So you get the maximum entropy... But in this way you don't have a backdoor to access your coins in your head.

"Morality, it could be argued, represents the way that people would like the world to work - whereas economics represents how it actually does work." Freakonomics
2weiX
Legendary
*
Offline Offline

Activity: 1862

bitcoincommodities.com


View Profile
November 24, 2013, 10:46:28 AM
 #51

can I use http://passwordsgenerator.net/ to generate a 50 char password such as

Code:
Mdv6)2uU)'_9K!X+Lb'er#6[.aJxc>r!a`J5?QL;W)/J.=MR<y

and use the phonetic output

Code:
MUSIC drip visa 6 ) 2 usa USA ) ' _ 9 KOREAN ! XBOX + LAPTOP bestbuy ' egg rope # 6 [ . apple JACK xbox coffee > rope ! apple ` JACK 5 ? QUEEN LAPTOP ; WALMART ) / JACK . = MUSIC ROPE < yelp


as seed for a resonably secure wallet?
theecoinomist
Full Member
***
Offline Offline

Activity: 200


View Profile
November 24, 2013, 12:13:21 PM
 #52

Quick question.

In making my 'paper' (brass) wallets,  I'm going to use bitaddress_org html file and it so happens that it's the 'brain wallet' creating function that I need to use to be able to enter a passphrase.

So let's imagine I roll a dice 50 times and toss a coin 50 times and I enter those results with some added text of my own as a passphrase.

This is the passphrase that you would remember if it was indeed a brain wallet you were creating.

Clearly I would be unable to actually remember the newly created passphrase.

This is because I am only interested in the public address and corresponding private key which come from the above process.

So my question is simple.  

Is it okay for me to disregard the passphrase and never make a record of it as I'll already have everything I'll ever need for my cold storage brass wallets?

I am using cold storage the same way you were talking about. Only difference was I was livebooting from Ubuntu and then opening bitaddress in html file offline to generate a key pair using brainwallet (as stated, don't trust RNG).
But seeing you won't use the computer afterwards it should be perfectly fine - just don't go online on it again.


I'm not so sure about how you would go and import one of these on an offline client like the armory/official client, however I would just sweet it on a Blockchain.info account with Google 2-FA and then transfer the funds to whatever destination.

npudar
Newbie
*
Offline Offline

Activity: 6


View Profile
November 24, 2013, 02:10:12 PM
 #53

I have been wanting to participate in this discussion, and am now happily past the newbie speedbump.  Smiley

I like the concept of deterministic wallets, and am thinking of an approach that lets me create deterministic and encrypted paper wallets.

It starts with a brainwallet created at bitaddress.org with a 230+ bit entropy passphrase.  I then encrypt the private key at bit2factor.org which implements BIP38 to create an encrypted private key.  For this encryption, I use a different 230+ bit entropy passhprase.  I then use the encrypted private keys as the successive brainwallet passphrases to create more encrypted private keys in a deterministic manner.

I have read this full post and others like it, and am aware of the need for high entropy passphrases.  I can use even higher entropy passphrases than what I am thinking of, and I can reliably re-create the passphrases when I need to.  But I am interested in knowing how much entropy bitcoin passphrases can handle.

My questions are:
1) what is the limit for the number of characters a passphrase can have to create a private key at bitaddress.org?
2) what is the limit for the number of characters a passphrase can have to encrypt a private key at bit2factor.org for the BIP38 implementation?

Thanks.
phillipsjk
Legendary
*
Offline Offline

Activity: 1008

Let the chips fall where they may.


View Profile WWW
December 04, 2013, 09:46:53 AM
 #54

It is safer to properly generate the entropy and store the result on paper.

Due to to nature of cryptographic hash functions, there is no limit to the length of the pass-phrase. It can be the King James Bible (which is well known enough, it may very well be guessed by dedicated pass-phrase crackers).

My rule of thumb: if it has ever been published, it is not a good pass-phrase.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
kuverty
Sr. Member
****
Offline Offline

Activity: 336



View Profile
December 04, 2013, 11:16:03 AM
 #55

so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.
It will suffice to use a good password. Supercomputers can't beat good passwords. Just don't use anything that could be beaten with wordlists etc., do not use lyrics from your favourite song and so on. The problem is the same as choosing a good password. It's totally doable if you use some sense. Put something personal in it, something that is not found in a word list. That way if the attacker wants to really crack it he would have to focus on cracking just your password.

If we look at passwords like "correct horse battery staple"
The words
correct - 1822nd most common (Wolfram Alpha)
horse - 1315th most common (Wolfram Alpha)
battery - 3222nd most common (http://www.wordfrequency.info/free.asp?s=y)
staple - Huh, but not in the top 5000

So, one would most probably need a word list of at least 2000 words to be able to have all those words. This means 16000000000000 different combinations of four words. Assume an attacker could hash passwords at 10 TH/s. She would need 1.6 seconds to surely find the key. So not safe for the future attacker. Add a fifth word, it will take an hour now. Add punctuation, substitute a letter for a number, do a strange error in spelling... something you can remember. The key will become impossible to guess. Remember something personal. Also in practice the word list would have to include way more than 2000 words.
Anyway, think this for yourself, but it's not difficult to come up with a safe passphrase that you can also surely remember. I have a mixed Finnish/English passphrase I know I really can't forget but it's also quite impossible for anyone to come up with.
Just remember something random or personal as well, there are around 7 billion people on this planet and  if you think no one else likes that obscure quote or poem you're using, you might as well be wrong.
DeboraMeeks
Hero Member
*****
Offline Offline

Activity: 588


View Profile
December 04, 2013, 02:40:00 PM
 #56

There are safer ways to hold into btc's ,it's clear that some people generated thousands if not millions of wallets and are using bots with bruteforce to break any weak passwords. To have a somehow moderate wallet you might need to enter a semi-impossible to imagine word with letters/number/signs etc... making it hard for you to remember. Paper wallets might be more useful.
megastacks
Newbie
*
Offline Offline

Activity: 14


View Profile
December 04, 2013, 04:15:45 PM
 #57

How about a coinbase wallet?   Is it secure?
Patel
Legendary
*
Offline Offline

Activity: 1279



View Profile WWW
December 04, 2013, 04:38:02 PM
 #58

How about a coinbase wallet?   Is it secure?

Its as secure as the owner is. But remember, if you don't control the keys, you don't control the bitcoin.

Blockchain.info is a much better wallet because you get to keep control of your keys
megastacks
Newbie
*
Offline Offline

Activity: 14


View Profile
December 04, 2013, 04:53:24 PM
 #59

How about a coinbase wallet?   Is it secure?

Its as secure as the owner is. But remember, if you don't control the keys, you don't control the bitcoin.

Blockchain.info is a much better wallet because you get to keep control of your keys

And your blockchain.info wallet is as secure as the password you set it up with?

Sorry for the noob q's
megastacks
Newbie
*
Offline Offline

Activity: 14


View Profile
December 04, 2013, 05:05:47 PM
 #60

So if my coinbase has an easy pw, when I do a transaction someone may use the public key to track me and try to crack my pw? 

Is that the way it works?

New to this but want to be secure.
Pages: « 1 2 [3] 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!