Can You recover my BIP38 Password?

[Welsh]

What kinds of hints are most useful? Ie...

I'm highly confident that I used...

at least 1 whole English word at least 6 chars long - possibly by itself,

but also possibly combined with:
1 instance of a known 3 digit numerical string;
1 instance of a known 4 digit numerical string; or
2 matching instances of an unknown 2-digit numerical string.
 
I may also have included up to  2 instances of a single non-alphanumeric symbol either at the end of the password or at the beginning and end of the password. Not anywhere in between.

Like Mody0101, anyone can contact me for more specifics.

However, I think that my problem comes from mis-spelling that whole word (I wish BitAddress.org used matching password form validation). So... I think that using a dictionary file of parts of words or misspelled words will be useful.

I have only done miniscule amounts of programming in my lifetime. But I think an algorithm for this might go...

• list all possible seed words used to generate the encrypted private key (the hard part)
• filter for matches containing parts of words or misspelled words
• filter for matches containing any of the known 3 or 4 digit strings possibly used
• filter for matches of words I might have used
• done?

Look at what bob123 said, that applies to you too. Also, I noticed that you like to use 'leet' speak by putting a "3" instead of a "e" is it possible that this could be the password too? These are the things that you need to be thinking about and include all the information you can on the password if this information compromises any other passwords that you use then you need to change them before releasing this information.

At the moment we don't need to think about the algorithm used, we just need information on the password otherwise no algorithm is going to work. Provide all the information you can and send it to Dave's recovery services.

[1713910602]

1713910602

[1713910602]

1713910602

[1713910602]

1713910602

[1713910602]

1713910602

[1713910602]

1713910602

[d3xSt4Rr]

Hey guys, I have a wallet address & private key but not the password, could you please help me?

[HCP]

I assume you mean an encrypted private key... one that starts with "6P"??

If so, your chances of recovering without a really good idea of what the password was will be near impossible

[jegalindogt]

Hi AgentofCoin, i saw a post in February 20, 2017. You helped mody0101 to Crack a Passphrase. I have a similar issue.

Nice to meet you my name is Jorge.
I have a encrypted private key but i lose the password

I have the Encrypted Private Key.
The Wallet is this:
WALLET: 37zyMum5mY4dj5ySpUX3gizR1bUyc55ywP

Do you believe that that there is something to do?

I rescue a hard drive where I had stored the password of my private key.
The problem is that I have 80% of the password, I can not remember the last 2 characters
And even worse the password had 2 spaces, I can not remember if these spaces were part of the password or not.

PASSWORD TENTATIVELY: YMLHhH58J @ FXX

Do you think you could help me in this case?

Regards!

[bob123]

I rescue a hard drive where I had stored the password of my private key.
The problem is that I have 80% of the password, I can not remember the last 2 characters
And even worse the password had 2 spaces, I can not remember if these spaces were part of the password or not.

How much of the password do you actually know is correct ?

Are only the last 2 characters missing or are the spaces wrong / in wrong places ?

With only the last 2 chars missing it wouldn't take more than a few seconds to bruteforce your private key.
With also the spaces being in wrong places, it gets harder.. But still doable (if the rest of the password is correct).
With the 2 last chars missing, the spaces being in the wrong position AND the current spaces being 2 other chars, your chances get very slim.


I'd suggest you look at btcrecover (https://github.com/gurnec/btcrecover). It lets you create your own 'token' file. This corresponds to the 'way to iterate trough your password'.

[keychainX]

I rescue a hard drive where I had stored the password of my private key.
The problem is that I have 80% of the password, I can not remember the last 2 characters
And even worse the password had 2 spaces, I can not remember if these spaces were part of the password or not.

How much of the password do you actually know is correct ?

Are only the last 2 characters missing or are the spaces wrong / in wrong places ?

With only the last 2 chars missing it wouldn't take more than a few seconds to bruteforce your private key.
With also the spaces being in wrong places, it gets harder.. But still doable (if the rest of the password is correct).
With the 2 last chars missing, the spaces being in the wrong position AND the current spaces being 2 other chars, your chances get very slim.


I'd suggest you look at btcrecover (https://github.com/gurnec/btcrecover). It lets you create your own 'token' file. This corresponds to the 'way to iterate trough your password'.

You are wrong, for BIP 38 it takes quite a bit more to check the missing characters than a few seconds. For checking two missing characters you would get 9025 alterations and with the numerous options you have with compressed/uncompressed address and segwit/legacy that number grows eight fold. I would say 6-8 hours. (if its just two characters). Unfortunately there are different buggy versions of BIP38 decoders/encoders like bippy which treats the address as compressed even if its uncompressed, so the decoding process is quite unreliable where the software tells you the password is wrong even if its correct. There are even deviations where the browser itself treats the encoding wrong, which once you try to retrieve your encrypted key you will get a completely wrong decode.

/KX

[bob123]

You are wrong, for BIP 38 it takes quite a bit more to check the missing characters than a few seconds. For checking two missing characters you would get 9025 alterations and with the numerous options you have with compressed/uncompressed address and segwit/legacy that number grows eight fold. I would say 6-8 hours.

You don't need to generate compressed/uncompressed public keys and segwit-/legacy- addresses for each iteration.
It is enough to only test the ones where the decrypted private key is a valid private key (checksum helps here).

This reduces the 9025 iterations (based on your post) to a fraction.


But.. even with 9025 iterations (if you'd have to generate compressed/uncompressed public keys and all 3 types of addresses) it would NEVER take 6-8 hours on a modern machine.
With a somewhat modern graphic card, this won't take much more than a minute.

[keychainX]

You are wrong, for BIP 38 it takes quite a bit more to check the missing characters than a few seconds. For checking two missing characters you would get 9025 alterations and with the numerous options you have with compressed/uncompressed address and segwit/legacy that number grows eight fold. I would say 6-8 hours.

You don't need to generate compressed/uncompressed public keys and segwit-/legacy- addresses for each iteration.
It is enough to only test the ones where the decrypted private key is a valid private key (checksum helps here).

This reduces the 9025 iterations (based on your post) to a fraction.


But.. even with 9025 iterations (if you'd have to generate compressed/uncompressed public keys and all 3 types of addresses) it would NEVER take 6-8 hours on a modern machine.
With a somewhat modern graphic card, this won't take much more than a minute.

Again, you seems not to know what you are talking about. If you study BIP 38 for a while you will know its not possible to hashcat or use john the ripper. You would also know that the bippy code out there has a bug so you would need to do both compressed/uncompressed addys in order to cover the
whole spectrum of space with possible addresses. Finally, if you know anything about passwords, you would know the iterations wont be less than 9025 out of two missing characters.