Forgot my passphrase on bitcoin-otc Help with bruteforce or finding another way

[nster]

So I forgot my passphrase (the one you need to do clearsign). My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)

Could someone help me bruteforce it or something? Or does Kleopatra somehow store it somewhere?

I have 2 6870s and an i7 920 @ 4GHz so I think it should be fairly easy no?

[1714908447]

1714908447

[1714908447]

1714908447

[1714908447]

1714908447

[theymos]

That's a terrible password. You should be able to crack it in not too much time by using a bash script and GPG with the --passphrase option.

[nster]

That's a terrible password. You should be able to crack it in not too much time by using a bash script and GPG with the --passphrase option.

Keefe is helping me with a python cracker

my passwords vary in strenght. My strongest passwords have 26 caracters, mixed numbers and letters and caps and lowercase and no words or anything

[AbeSkray]

My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)

This strikes me as very bad. I'm new to #bitcoin-otc, but if someone publicly admits that their GPG password is weak, that raises a red flag in my mind. If your password is easily crackable, does your web-of-trust rating actually mean anything?

If I talk to nster on #bitcoin-otc how do I know it's the real nster and not an impersonator? Does a challenge string clearsigned with nster's public key actually prove his identity? No. Not if I know that nster's private key is protected by a passphrase that can be brute-forced in only 8⁶ attempts.

Of course, I don't know that nster's passphrase is really that weak. The owner of the nster account on this forum is not necessarily the owner of the nster GPG key on #bitcoin-otc. For all I know, the OP is impersonating nster and trying to tarnish his web-of-trust rating.

I'm not trying to be hostile or antagonistic, so I apologize if I'm coming off that way. I guess I'm just trying to say that you're not going to gain any credibility among crypto-nerds by advertizing how weak your GPG passphrase is. Your public key is your identity. Protect it.

[nster]

My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)

This strikes me as very bad. I'm new to #bitcoin-otc, but if someone publicly admits that their GPG password is weak, that raises a red flag in my mind. If your password is easily crackable, does your web-of-trust rating actually mean anything?

If I talk to nster on #bitcoin-otc how do I know it's the real nster and not an impersonator? Does a challenge string clearsigned with nster's public key actually prove his identity? No. Not if I know that nster's private key is protected by a passphrase that can be brute-forced in only 8⁶ attempts.

Of course, I don't know that nster's passphrase is really that weak. The owner of the nster account on this forum is not necessarily the owner of the nster GPG key on #bitcoin-otc. For all I know, the OP is impersonating nster and trying to tarnish his web-of-trust rating.

I'm not trying to be hostile or antagonistic, so I apologize if I'm coming off that way. I guess I'm just trying to say that you're not going to gain any credibility among crypto-nerds by advertizing how weak your GPG passphrase is. Your public key is your identity. Protect it.

Well it turns out my password was not a 6 number thing.... It's one of my more complicated passwords so now I'm stuck trying them out lol

a few minutes after my post I tried to bruteforce it with what I thought I knew but it ended up not being true.

Also, I usually change my password to better passwords once it means something to me. until now, I have only 2 ratings that worked with very low amounts of BTC and I did not really know how to use it. Now that I potentially can have more ratings and know how to use it properly, I would have changed it. There was virtual no reputation with the GPG key yet

[kerstone]

Thats funny. I just did the same thing, but im an idiot. However, same situation; its really easy, but that was only because it was my test pass. I'm learning...and I don't want you to crack it. its driving me crazy, i just blanked it.