A bitcoin wallet consists of a public address and a private key. There are various types of bitcoin wallets that offer different features and levels of security. There are hot wallets (or browser wallets) that are connected to the internet, wallets for mobile devices, and cold storage wallets such as paper or hardware wallets. But there is also another type of wallet that is less known to the average trader: brain wallets.
What is a Bitcoin brain wallet?
A brain wallet is a wallet that creates its address by hashing a passphrase to generate a private key, and from it a public key and the resulting address.
A typical Bitcoin or Litecoin address consists of a 256-bit string and usually uses the SHA-256 algorithm; different levels of difficulty can be applied to this. These strings resemble a long sequence of numbers and letters put together randomly without any meaning.
The basic concept of a brain wallet is that you memorize your password and don’t write it down or store it in a file. By keeping the private key only in your head, the only way someone can have a chance at getting to your Bitcoins is by making you personally give them your private key. This is a much more secure way of keeping your Bitcoins locked up, but it’s not very easy to implement.
Don’t memorize the keys. Use a passphrase
As we mentioned a few lines back, keys are long strings of jumbled-up letters and numbers. It seems pretty hard for someone to remember such a long combination of characters (unless you’re some sort of memorizing genius).
But you don’t actually need to memorize them character by character; you can use a passphrase instead. A passphrase is a sentence that usually consists of 8 words or more and that, through mathematical algorithms, can be converted into a private key.
How does the passphrase work?
The passphrase has to be an entirely unique sentence that will not be found in any song lyrics or piece of literature. Security is improved just by inserting some sort of notable personal information, which doesn’t necessarily have to be a best-kept secret (even a phone number could work). A good brain wallet passphrase has to be made up of dozens of characters.
But humans are pretty predictable when it comes to what they use as a passphrase or password, and hacking technology has improved via rainbow tables and dictionary attacks. Also, certain large databases of passwords have been leaked, making it easy to just hash all these passwords and check whether the equivalent address matches an active address on the blockchain, which gives the hacker the private key and thus access to the wallet.
A simple technique to make your passphrase secure is to use hashing functions a few times over so that the hacker will have to deduce what hashing function you used and how many times you applied it to a particular password. This method is known as key stretching. Unnecessary characters such as commas and incorrect grammar can make the passphrase more difficult to crack.
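The key stretching described above, as an added example that is not from the original article: it contrasts a single unsalted SHA-256 pass with salted PBKDF2-HMAC-SHA256 (a standard stretching function used here in place of ad hoc repeated hashing). The wordlist, salt, iteration count and function names are constructed assumptions.

```python
import hashlib

# Order of the secp256k1 group; a valid private key k satisfies 1 <= k < N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Constructed stand-in for a leaked-password list (not real breach data).
LEAKED_SAMPLE = ["password", "letmein", "hunter2", "to be or not to be"]


def brain_key_plain(passphrase):
    """Classic brain wallet: one unsalted SHA-256 pass over the passphrase."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def brain_key_stretched(passphrase, salt, iterations=200_000):
    """Stretched variant: salted PBKDF2-HMAC-SHA256, `iterations` hashes per guess."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations, dklen=32)


def is_valid_private_key(key):
    """True if the 32 bytes fall in the usable secp256k1 range."""
    return len(key) == 32 and 1 <= int.from_bytes(key, "big") < SECP256K1_N


def precompute(words):
    """Key -> passphrase table, built once and reusable against every plain brain wallet."""
    return {brain_key_plain(w): w for w in words}


def audit(passphrase, salt, table):
    """Report whether each derivation of `passphrase` is already in the table."""
    plain = brain_key_plain(passphrase)
    stretched = brain_key_stretched(passphrase, salt)
    return {
        "plain_found": table.get(plain),
        "stretched_found": table.get(stretched),
        "keys_valid": is_valid_private_key(plain) and is_valid_private_key(stretched),
    }


if __name__ == "__main__":
    table = precompute(LEAKED_SAMPLE)
    # The salt is per-user and need not be secret; this value is made up.
    print(audit("hunter2", b"alice@example.org", table))
    # Stretching only multiplies the cost per guess: a listed passphrase
    # is still weak against anyone who knows the salt and iteration count.
```

The protection here comes from the salt and the per-guess cost, not from keeping the hash function or the number of rounds secret.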
There have been tests in which wallets protected by simple passwords and stocked with funds were quickly hacked, so be extra careful which references and words you use in your passphrases.