My bank forces me to use "security" questions like "what is your mother's maiden name?" As a point of principle I avoid anything easily guessible or socially-engineerable, so brain wallets probably aren't for me. But to be fair - Ryan Castellucci's estimate of a botnet taking a day to crack
8 character passwords isn't a huge concern to me. People are going to use crap passwords - at their bank, or on their brain wallet. It's a social problem.