Again "theoretically" all encryption methods prone to brute-force attacks. And plus, encrypted storages indirectly reveals "encryption passwords" on succeeded attacks.
And if you go that path, "theoretically" an attacker might simply guess your password on the first try when attempting to log in as you, so password "storages" and "brute-force" has nothing to do it.
You are mistaken on one think: it is not just being it "theoretically" possible but likeliness -or hardness- of it.
If the possibility of an attacker guessing my password at first try is one in a billion -or trillion- chance, then we can say it pretty secure. But hacking a cloud with a possible zero-day flaw and cracking a password database is not that hard if we compare it with your example.
> all encryption methods prone to brute-force attacks
The chance of succeeding within our lifetime with a brute-force attack against modern encryption is far less than one in a trillion. So in your words, it is far better than "pretty secure".
