This wallet can be opened by a private key so that can be used to authorize bitcoin transactions. If the user loses this private key, they lose their only method of accessing a wallet. In most cases, users are supplied with an automatically generated private key when they register an account, which they can change later on. One of the most common practices to choose a Bitcoin wallet is via the “Brain Wallet” technique. Users can visit special sites or use special applications, sometimes embedded within Bitcoin wallet services, to enter a regular text-based passphrase. This passphrase is then converted using the SHA-256 hash algorithm into a 256-bit number that becomes the Bitcoin wallet’s private key. In case the user loses their private key, they can always reproduce it by converting their passphrase into a 256-bit number via the SHA-256 algorithm. Now, three researchers have found out a rather simple way to crack the Bitcoin brain wallet passwords. The researchers have published a paper detailing the method, which they claim, is 2.5 times faster than previous techniques and incredibly cheap to perform. White Ops security researcher Ryan Castellucci had demonstrated last summer at the DEFCON 23 security conference in Las Vegas, USA that it is easy for hackers to hack private bitcoin keys. He was joined by two more researchers from University College London to crack the bitcoin wallet password. The three researchers used their technique against real-life Bitcoin wallets and managed to crack 18,000 passwords. Some of the passwords included silly passphrases like: ? say hello to my little friend ? to be or not to be ? party like it’s 1999 ? yohohoandabottleofrum ? dudewheresmycar ? andreas antonopoulos ? Arnold Schwarzenegger ? blablablablablablabla ? for the longest time ? captain spaulding The conclusion of this research is that users should stay away from using common passphrases to generate Bitcoin private keys, and despite the complex cryptography utilities used to build Bitcoin, the service’s security can still be sabotaged by the maligned practices users employ when choosing passwords for online accounts. The researchers have published their Speed Optimizations in Bitcoin Key Recovery Attacks research paper on International Association for Cryptologic Research website.