May I add this to the nxtcrypto.org website? There are PIN buttons to pin it to Pinterest and I can share it socially too.

Ricky, I totally agree. All the national coins have this challenge.  The time scale is more of a challenge in the 'digicoin age' though.  Traditionally national currencies have developed together with the nation and that has been over 100's of years.  With BTC it has been over 4 or so years.  I think NXT is still in its infancy and if it is to survive in the long-term the currency really really next to be distributed to a large number of people and various entitles very quickly.  Otherwise, despite its advantages, its popularity will die slowly off like many others.

I dont think this is correct.  You could completely skip the  passphrase step and just generate 256 bits of entropy in a NXT wallet.dat file to be used as a private key and have the client to use this data directly instead of asking for passphrase.

I believe it would also be possible to create a bitcoin client that uses a brainwallet password as well, where a passphrase is used in an algorithm to generate the appropriate bitcoin addresses (though this scenario would have the same risks we are seeing with short passphrases, though the difference is that with bitcoin, there wouldnt be a 2^64 vs 2^256 thing we have)

I believe BCNext chose the brainwallet method to make it possible to actually contain an account in your head, so as to be able to leave absolutely no trace on paper or disk if so desired.  But theres just nothing from preventing a client to use the bitcoin method

Yes exactly.  You guess the private key "since it was created by a human", then you crack the account.   That is why there are so many Nxt accounts that get cracked.  You don't even need to do the cracking against the network,  you just do it against the public block chain.

If the developers don't think this is fundamentally broken,  then I really question their judgement.

I bet ur account. Send 50 NXT to 800913308 plz.

http://localhost:7874/nxt?requestType=decodeToken&website=&token=rgoq0m7lg2g349ok1kv93g8arpqh4uo66r7rgb0std9tvmfeb7d8k8kvckd2vl0019hb5ge1l35cl82fenfqnuao911a6egpc7p1bh9dm4s09lf4g5bddn1kugca3jgh62ahfogi9iartjs5f0kn3sc5s4v36og8

Well I can sell BTC and other stuff for FIAT on Bittylicious but this is their comment on NXT;

"We don't do NXT yet as it requires some back end changes."

I will do some other trades and keep asking.

Then it will do nothing for branding, because it will just look like part of the address (that's also true for the ridiculous NxxxxXxxxxT scheme).

I also prefer short addresses, but since some people strongly believe in branding we added an optional "NXT-" prefix.

the fact that its THERE though.  at the very front.

accomplishes the same function

I dont particularly care for the N prefix AT ALL.  but if we absolutely MUST then please just make it part of the address, with no dash.  it removes the balance of the address.

That would ruin the whole idea of brain wallet. Plus kill a lot of fun we have with simple passphrases and maybe some legitimate uses for short passwords.

Clients should not enforce the passphrase. Clients should have:

a) strong password gen, which prefills the passphrase for you

b) key stretching algorithm, same for all clients

Client devs, did you organize yet and decided what it will be?