Topic: Forgot my passphrase on bitcoin-otc Help with bruteforce or finding another way (Read 3223 times)
March 24, 2013, 04:55:57 PM
Thats funny. I just did the same thing, but im an idiot. However, same situation; its really easy, but that was only because it was my test pass. I'm learning...and I don't want you to crack it. its driving me crazy, i just blanked it.
April 14, 2011, 06:37:45 PM
My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)
This strikes me as very bad. I'm new to #bitcoin-otc, but if someone publicly admits that their GPG password is weak, that raises a red flag in my mind. If your password is easily crackable, does your web-of-trust rating actually mean anything?
If I talk to nster on #bitcoin-otc how do I know it's the real nster and not an impersonator? Does a challenge string clearsigned with nster's public key actually prove his identity? No. Not if I know that nster's private key is protected by a passphrase that can be brute-forced in only 86 attempts.
Of course, I don't know that nster's passphrase is really that weak. The owner of the nster account on this forum is not necessarily the owner of the nster GPG key on #bitcoin-otc. For all I know, the OP is impersonating nster and trying to tarnish his web-of-trust rating.
I'm not trying to be hostile or antagonistic, so I apologize if I'm coming off that way. I guess I'm just trying to say that you're not going to gain any credibility among crypto-nerds by advertizing how weak your GPG passphrase is. Your public key is your identity. Protect it.
Well it turns out my password was not a 6 number thing.... It's one of my more complicated passwords so now I'm stuck trying them out lol
a few minutes after my post I tried to bruteforce it with what I thought I knew but it ended up not being true.
Also, I usually change my password to better passwords once it means something to me. until now, I have only 2 ratings that worked with very low amounts of BTC and I did not really know how to use it. Now that I potentially can have more ratings and know how to use it properly, I would have changed it. There was virtual no reputation with the GPG key yet
April 14, 2011, 06:30:31 PM
My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)
This strikes me as very bad. I'm new to #bitcoin-otc, but if someone publicly admits that their GPG password is weak, that raises a red flag in my mind. If your password is easily crackable, does your web-of-trust rating actually mean anything?
If I talk to nster on #bitcoin-otc how do I know it's the real nster and not an impersonator? Does a challenge string clearsigned with nster's public key actually prove his identity? No. Not if I know that nster's private key is protected by a passphrase that can be brute-forced in only 86 attempts.
Of course, I don't know that nster's passphrase is really that weak. The owner of the nster account on this forum is not necessarily the owner of the nster GPG key on #bitcoin-otc. For all I know, the OP is impersonating nster and trying to tarnish his web-of-trust rating.
I'm not trying to be hostile or antagonistic, so I apologize if I'm coming off that way. I guess I'm just trying to say that you're not going to gain any credibility among crypto-nerds by advertizing how weak your GPG passphrase is. Your public key is your identity. Protect it.
April 10, 2011, 12:02:56 AM
That's a terrible password. You should be able to crack it in not too much time by using a bash script and GPG with the --passphrase option.
Keefe is helping me with a python cracker
my passwords vary in strenght. My strongest passwords have 26 caracters, mixed numbers and letters and caps and lowercase and no words or anything
April 09, 2011, 11:18:15 PM
That's a terrible password. You should be able to crack it in not too much time by using a bash script and GPG with the --passphrase option.
April 09, 2011, 10:59:36 PM
So I forgot my passphrase (the one you need to do clearsign). My pass is most probably a 6 character passphrase with only numbers, and only containing 6 possible different numbers (ie: I know there are no 0s and 6s)
Could someone help me bruteforce it or something? Or does Kleopatra somehow store it somewhere?
I have 2 6870s and an i7 920 @ 4GHz so I think it should be fairly easy no?
Could someone help me bruteforce it or something? Or does Kleopatra somehow store it somewhere?
I have 2 6870s and an i7 920 @ 4GHz so I think it should be fairly easy no?
Jump to: