Brain Wallet Type Of Secret?

[Raccoon]

I want to have a secret that can be derrived by a sentence that i'll just remember.

I would then be able to sit at any computer, derive the secret (by using online hash generator) and download my files. 

 

So few questions

1. can the secret by any string of chars, or there is some "format" requirments?

2. what hashing algorithm is best to use to hash the sentence (or something different than hashing algo?)

3. any potential draw backs of this method (except the obvious that if usnig online hash generator, the site will know the secret)

 

[Raccoon]

isn't that idea too cool to be ignored?

[RomanZ]

@Raccoon

 

1. Please see forum topic: http://forum.bittorrent.com/topic/29304-rules-for-valid-secret/

2. "best" from which point of view? Cryptographical strength? Calculation speed? Something else?

3. Yes, there is one major drawback: the strength of the secret generated in that way. The hash generated in such way becomes very vulnerable to brute force attack with vocabulary. 

[Raccoon]

Well, which hash function will have 40+ chars output? Other than that I don't think it matters much?

 

Basically, I just hash a sentence, then base64 it and can use it as custom secret, right?

[RomanZ]

You can use SHA-256 then Base-64 encode it. You'll get exactly 40 characters. Also, you can simply base-64 encode your sentence as well, it just needs to be more than 32 chars length to get 40 symbols in Base64

[Raccoon]

Actually yes! I can just base64 it.

Is there any advantage to hashing it before that that i'm missing?