The most secure and paranoid option of all is the brain wallet – storing a bitcoin address and private key entirely in your brain. This is easier than it sounds: a private key is 256 bits long, so it is about as hard to memorize as 50 words of English prose or 10 phone numbers, although you can settle for even less than that at the expense of some security.
The advantages of this approach include:
- Very strong security: everything is stored in your head, so there is nothing physical to be stolen
- Minimal trust required; you only have to trust the software when you’re sending bitcoins, and even then you can have very tight control over the process and check the transaction yourself to ensure that nothing malicious is going on. Even creating the addresses can be done offline.
The disadvantages are:
- Requires memorization and is difficult to manage
- Less privacy, and in some ways less security, than the offline/paper wallet option, since you can only practically memorize a very small number of addresses
- If a criminal finds out about your brain wallet, they can hold you hostage until you release it, an option that they do not have if you use an offline wallet
- You could potentially forget your private key and lose everything
There are three ways to create a brain wallet:
- The first, and most obvious, is to create an address/private key pair with bitaddress.org, blockchain.info or vanitygen and memorize it as is. However, this option is the most difficult to memorize.
- The second is to generate an address/private key pair and use a tool like Grondilu’s Bitcoin Bash Tools or the Electrum wallet to generate a list of words from the private key which you can more easily memorize, and then use the tool to convert back when you need to.
- The third is to do the reverse – create the private key from the passphrase, which you can choose yourself. Since almost any 256-bit value can be used as a private key with Bitcoin’s ECDSA cryptography, you can take the SHA256 hash of any password or phrase (the tools for this are very widely available both online and offline) and then import the result into the blockchain.info wallet in offline mode to get the address for that key.

The process for sending bitcoins is exactly the same as that for offline/paper wallets: use a tool to create the transaction offline, and then use an online computer to publish it.
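The third method, sketched in Python as an added example (not code from the original article or from any of the tools it names): hash a passphrase with SHA256, check that the result lies in the valid secp256k1 key range, and encode it for import. The function names and sample passphrase are constructed here, and the WIF (wallet import format) encoding step is an assumption about what the importing wallet expects.

```python
import hashlib

# Order of the secp256k1 group. A private key k is valid only if 1 <= k < N,
# which is why "almost any" (not every) 256-bit value works.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def is_valid_private_key(key: bytes) -> bool:
    """True if key is 32 bytes and falls inside the valid scalar range."""
    return len(key) == 32 and 1 <= int.from_bytes(key, "big") < SECP256K1_N


def passphrase_to_key(passphrase: str) -> bytes:
    """SHA256 the UTF-8 passphrase; reject the rare out-of-range result."""
    digest = hashlib.sha256(passphrase.encode("utf-8")).digest()
    if not is_valid_private_key(digest):
        raise ValueError("hash is outside the valid key range; choose another phrase")
    return digest


def base58check(payload: bytes) -> str:
    """Append a 4-byte double-SHA256 checksum and encode in Base58."""
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    data = payload + checksum
    num = int.from_bytes(data, "big")
    out = ""
    while num > 0:
        num, rem = divmod(num, 58)
        out = B58_ALPHABET[rem] + out
    # Each leading zero byte is represented by a leading '1'.
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out


def key_to_wif(key: bytes) -> str:
    """Mainnet WIF for an uncompressed public key: 0x80 || key, Base58Check."""
    if not is_valid_private_key(key):
        raise ValueError("not a valid secp256k1 private key")
    return base58check(b"\x80" + key)


if __name__ == "__main__":
    # Constructed sample passphrase, for illustration only.
    key = passphrase_to_key("a constructed sample phrase, not for real funds")
    print("private key (hex):", key.hex())
    print("WIF for import:   ", key_to_wif(key))
```

The same passphrase always yields the same key, which is what makes the key recoverable from memory; the mapping uses no salt or secret other than the phrase itself.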