Can a brain wallet be trusted?

[Saint-loup]

There's been debate through the years, and some users have even run some challenges to try, and prove that they can be secure. However, generally brain wallets introduce additional risks, which if you aren't aware of could potentially compromise you. Plus, as suggested humans are generally absolutely horrible at entropy. We tend to think similarly, and follow patterns. It's very much what makes us human. Most living things have patterns.

The above challenge was never claimed, however this is a rather flawed challenge since we don't know exactly how it was generated. The question isn't about are brain wallets inherently insecure, it's more the human factor when it comes to generating the entropy. LoyceV, has a nice little thread there that demonstrates this weakness.

So, even if you believe you've made a completely random password, it likely isn't. Our thought processes are flawed for entropy. Computer generation of entropy is almost always better.

Thank you for pointing out this thread from CIYAM, it seems the challenge is over since the last funds have been spent in 2019 but at least it shows one thing. (Strong) brain wallets could be used for a temporary storage.
If you need to go somewhere where you can't safely bring any luggage with you, it could be a solution. I know it's certainly safer to store a seed on internet and to memorize its passphrase in this kind of situation since the attacker would have to find and hack your account first. But if you cant easily access internet in this place or if you don't want to rely on the availability of an online service, only few solutions remain...
Another famous use case is a way to easily and quickly give funds to someone you trust.

[PrivacyG]

How many times did you forget a password?  How many times did you forget where you put a particular thing of yours?  How bad was it when you forgot your e-mail password?  How bad would it be to forget your 'brain wallet' password?  This is not like you left your soda at the mall by mistake and you just buy another.  By forgetting your brain wallet password, you are just going to make us all a favor by having your coins lost in the darkness.

The ONLY way I think a brain wallet could actually be helpful is if you have to flee the country and are afraid the border guards or the airport guys will find your seed.  You can then create a very random and long brain wallet and print it on a T-Shirt you will wear to the airport and move the coins as soon as possible when you are safe at the destination.  Otherwise, there is no way I would ever trust a brain wallet.  In fact.  I would not trust it even in this fleeing situation, for which reason I would keep my coins there for the least amount of time possible.

Edit.  If I think about it, it actually makes no sense to create a brain wallet, even for temporary fund storage.  You could simply create a seed and print a poem containing the seed words on a T-Shirt and this is a MUCH safer way to store your coins.  Forget brain wallets.  Not worth the risk.

-
Regards,
PrivacyG

[Saint-loup]

How many times did you forget a password?  How many times did you forget where you put a particular thing of yours?  How bad was it when you forgot your e-mail password?  How bad would it be to forget your 'brain wallet' password?  This is not like you left your soda at the mall by mistake and you just buy another.  By forgetting your brain wallet password, you are just going to make us all a favor by having your coins lost in the darkness.

The ONLY way I think a brain wallet could actually be helpful is if you have to flee the country and are afraid the border guards or the airport guys will find your seed.  You can then create a very random and long brain wallet and print it on a T-Shirt you will wear to the airport and move the coins as soon as possible when you are safe at the destination.  Otherwise, there is no way I would ever trust a brain wallet.  In fact.  I would not trust it even in this fleeing situation, for which reason I would keep my coins there for the least amount of time possible.

Edit.  If I think about it, it actually makes no sense to create a brain wallet, even for temporary fund storage.  You could simply create a seed and print a poem containing the seed words on a T-Shirt and this is a MUCH safer way to store your coins.  Forget brain wallets.  Not worth the risk.

-
Regards,
PrivacyG

A T-shirt with a text is a very good idea but are you sure the border guards won't find that a little bit suspicious. Even if they don't suspect a Bitcoin seed, they could think it's a coded message containing critical informations.
Moreover if you are put in jail, you won't be able to keep your t-shirt.

[PrivacyG]

A T-shirt with a text is a very good idea but are you sure the border guards won't find that a little bit suspicious. Even if they don't suspect a Bitcoin seed, they could think it's a coded message containing critical informations.
Moreover if you are put in jail, you won't be able to keep your t-shirt.

Come on.  What are the chances someone finds it suspicious to have a graphic T-Shirt?  Has anyone ever been pulled over for having a random graphic design on their shirt?  Does everyone go to the airport with basic, plain T-Shirts on them?  Create a very minimalistic T-Shirt with the text on it and nobody would suspect a thing.  Unless you create a design that makes absolutely no sense and seems cryptic.  Poems though or stuff like that, who cares really.

I would be more afraid of the guy who has the printing company than of the border guards.

-
Regards,
PrivacyG

[LoyceV]

border guards or the airport guys will find your seed.
~
Edit.  If I think about it, it actually makes no sense to create a brain wallet, even for temporary fund storage.  You could simply create a seed and print a poem containing the seed words on a T-Shirt and this is a MUCH safer way to store your coins.  Forget brain wallets.  Not worth the risk.

Even easier: memorize the 12 words, and cross the border. If you forget a few words, drive back and dig up your seed word backup.
More realistically: the average person carries at least tens or even hundreds up to thousands of GB of data with him all the time. There's no way anyone is going to find the 12 words they're looking for in there without spending a very long time searching.