Bitcoin Forum

Good afternoon, can you change the password for bitaddress's paper wallet?

What do you mean password? bitaddress generate a set of private and public key.

If you are referring to the private key, the answer is NO, you can't change it.

I don't think that's possible, so the next best option would be to create a new wallet with a new password and then send the coins to the new wallet.

If it is encrypted with BIP38 no you can't change them unless if you know the password to decrypt and get the private key and encrypt it again with your own.


He might be talking about the BIP38 Encrypted private key.

If you mean password as the key to decrypt your paper wallet and thus access to the private key, it is possible if you know the password or brute force it if the password is easy.
Changing that password will not make a difference because you know the private key and therefore you can generate many other passwords.
If you mean the private key, the answer is no.

This ^^ seems the most logical interpretation of the OP's question AND the answer is correct :)

However, i'd like to ask the OP for the reason wanting to "change the password". Is it because the initial password was weak and the bip38 encrypted key was exposed? In that case, just decrypting and re-encrypting won't help him at all (since the exposed encrypted key can still be decrypted with the weak password, and the resulting private key is equal to the private key from the bip38 key that was encrypted with a strong password)

The reason would be to change the reason for the weak password. How to do this?

If you read my previous answer, this should make things clear for you...

If you used a weak password to encrypt your private key, and there is any chance whatsoever this key encrypted with the weak password ever touched an online machine, you're basically best off creating a brand new paper wallet using a strong password to bip38 encrypt your key, decrypt your "old" private key, import it in electrum, fund your "new" paper wallet (emptying out the old one, mark it "compromised").

IF you are 100% sure your key encrypted with a weak password never ever touched an online machine and no copies were ever shown to anybody but yourself, you could potentially use the offline version of whatever tool you used to bip38 encrypt your private key to decrypt it, then re-encrypt the same key using a strong password. After double-checking the decrypted versions of both encrypted keys match, you should probably burn the old paper wallet (with the weak password). Only do this after verifying tough!

I'll try to give a basic example that should make things clear for you

you use any tool to create "MySuperSecretPrivateKey", the public key hash of "MySuperSecretPrivateKey" is "1MyFirstAddress".

Anybody who gets their hands on "MySuperSecretPrivateKey" can spend any unspent outputs funding "1MyFirstAddress". Luckily, you bip38 encrypted "MySuperSecretPrivateKey" into "MyEncryptedSuperSecretPrivateKey" so now, people need your password to decrypt "MyEncryptedSuperSecretPrivateKey" before they can rob you.

To  bad you chose a weak password ("YourBirthDate").

You realise this, so you decrypt "MyEncryptedSuperSecretPrivateKey" using password "YourBirthDate", the output is "MySuperSecretPrivateKey".
You Re-encrypt "MySuperSecretPrivateKey" with a strong password ("AllRandomLetters"), the output is "MyStrongEncryptedSuperSecretPrivateKey"

HOWEVER....
decrypt("MyEncryptedSuperSecretPrivateKey", "YourBirthDate") = "MySuperSecretPrivateKey"
decrypt("MyStrongEncryptedSuperSecretPrivateKey", "AllRandomLetters") = "MySuperSecretPrivateKey"

Sooooo... IF ANYBODY, and i mean ANYBODY had POTENTIAL access to "MyEncryptedSuperSecretPrivateKey" at any point in time, he/she can easily brute-force "MyEncryptedSuperSecretPrivateKey" and find  "MySuperSecretPrivateKey", it doesn't matter the slightest bit that you re-encrypted  "MySuperSecretPrivateKey" with a strong password.

Now I understand what I have to do. Thank you.