Passphrase Recovery

From Nxt Wiki
Jump to: navigation, search

Unfortunately, if you don't know what is your account passphrase, you cannot use your account. However in certain situations you might have a pretty good idea what your passphrase is but perhaps you made a typo while entering it or used a unicode special character without realizing it. Use this utility to attempt recovery of your real account passphrase based on approximate passphrase you remember. This utility will also find accounts without public key.

1 Instructions

The passphrase recovery utility is part of the NXT installation.

To use this utility in order to attempt passphrase recovery perform the following steps:

Install an NXT node, start it and wait for the blockchain to download and fully sync with network (if you are in a hurry you can download a copy of the blockchain from the Jelurida web site)

Shutdown your NXT node

Open a command line session and navigate to the NXT installation folder

invoke the following command:

Linux/Mac - passphraseRecovery.sh

Windows - passphraseRecovery.bat

By default the command will run and terminate with the following message: "Specify in the recoveryWildcard setting, an approximate passphrase as close as possible to the real passphrase"

You are now all set to start the recovery process.

2 Configuration

Passphrase recovery is controlled by the following settings specified in the standard nxt.properties file

recoveryWildcard - specifies your best guess passphrase.

recoveryPositions - if you know which positions in your passphrase might be wrong, then specify them here as a comma separated list. If you don't specify positions, the scanner will scan for a single typo over the whole passphrase. The more positions you specify the more time it takes the scanner to scan all options.

recoveryDictionary - by default the scanner will attempt to replace the scanned positions in the recovery wildcard with ascii characters in the range 32 to 127 i.e. lower case, upper case, digits and special characters. This is usually what you want to try. However you can specify different values "asciiall" means all ascii codes between 0 and 255. "unicode" means all unicode glyphs between 0 and 2^16 - 1 this is useful in case you copied the password from MS word which defaults (for example) to using unicode quotes character instead of the ascii quote. Alternatively you can just specify a stream of characters to be used as the recovery dictionary. The larger the dictionary the more time it takes the scanner to scan all options. To look for unicode characters use the \u notation for example \u2019 will attempt the Unicode Character 'RIGHT SINGLE QUOTATION MARK' (U+2019)

3 Examples

On the NXT blockchain account NXT-5WUN-YL5V-K29F-F43EJ has passphrase 1234 let's try to recover this passphrase using several configurations:

3.1 Find a single typo

In nxt.properties set:

recoveryWildcard=12e4

Invoke passphraseRecovery.bat to get the solution:

Solution{passphrase=1234, passphraseChars=[49, 50, 51, 52], publicKey=fddcda69eeca58e5d783ad1032d080d2758a4e427881b6a4a6fe43d9e7f4ac34, accountId=-2868754528991055020, rsAccount=NXT-5WUN-YL5V-K29F-F43EJ}

3.2 Find multiple typos in known positions

In nxt.properties set:

recoveryWildcard=1abc

recoveryPositions=2,3,4

Invoke passphraseRecovery.bat to get the solution:

Solution{passphrase=1234, passphraseChars=[49, 50, 51, 52], publicKey=fddcda69eeca58e5d783ad1032d080d2758a4e427881b6a4a6fe43d9e7f4ac34, accountId=-2868754528991055020, rsAccount=NXT-5WUN-YL5V-K29F-F43EJ}

3.3 Optimize the dictionary to look only for digits

In nxt.properties set:

recoveryWildcard=1abc

recoveryPositions=2,3,4

recoveryDictionary=0123456789

Solution{passphrase=1500, passphraseChars=[49, 53, 48, 48], publicKey=6932039ff155599267c245153a7ec9bbc01d9dc66416d1754a3800e5f5c54b3e, accountId=2069346145795346760, rsAccount=NXT-B6CA-DEAR-K6EL-3DYFT}

(note that this time we actually found another account)

4 What's next

This utility can be enhanced in several ways.

For example:

Look for more than one type in an unknown location. Finding 2 or 3 typos can be performed in reasonable time.

Look for specific problems related to 12 words passphrase, for example given N known words try to find the remaining 12-N words from the dictionary used by the client.