In cryptocurrency wallets, passwords and mnemonic phrases are crucial for asset security. If the password is lost or forgotten and there is no backup mnemonic phrase for recovery, regaining access to the wallet becomes nearly impossible.
Recently, a fortunate turn of events came to a user known as Michael. According to Wired, in 2013, Michael stored 43.6 BTC (worth $5,300 at the time, nearly $3 million now) in a digital wallet. He used the RoboForm password manager to generate a 20-character password for the wallet and stored it in a file encrypted with TrueCrypt.
Unfortunately, the file later became corrupted, preventing Michael from accessing his wallet. To recover his password, he repeatedly contacted hardware hacker Joe Grand for assistance. (Grand, known as "Kingpin," helped a crypto user regain access to their Trezor wallet in 2022.)
Grand later collaborated with a German friend named Bruno. Through reverse engineering, they discovered a vulnerability in the 2013 version of the RoboForm password manager: it tied password generation to the computer's date and time, which made the generated passwords predictable (the vulnerability was fixed in 2015).
This meant that if they knew the approximate time the password was generated and other parameters (like password length, character types, etc.), they could calculate any password generated on a specific past date and time.
In practice, they adjusted RoboForm’s time settings so that the software believed the current date was the date on which Michael created the password in 2013, in an attempt to recreate the original password. Although Michael could not accurately recall the creation date, by repeatedly adjusting the time range and the generation parameters they finally found the correct password with the date set to May 15, 2013, at 4:10:40 PM GMT. For detailed technical specifics, refer to Grand and Bruno’s YouTube video.
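To illustrate the weakness described above, here is an added Python example; it is not RoboForm's code and not anything from Grand and Bruno. It puts a hypothetical generator that is seeded only with the creation second beside a hardened one that draws from the OS CSPRNG, and measures how few distinct passwords the weak one can produce in a one-hour window. The creation time is the one reported in the article; the alphabet, function names and window sizes are assumptions.

```python
import math
import random
import secrets
import string
from datetime import datetime, timedelta, timezone

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols (assumed)

def weak_generate(length: int, when: datetime) -> str:
    """Hypothetical time-seeded generator (NOT RoboForm's real algorithm).

    The only entropy is the creation time rounded to the second, so anyone who
    knows the parameters and can narrow down when the password was made
    reproduces it exactly. 'when' must be timezone-aware.
    """
    rng = random.Random(int(when.timestamp()))
    return "".join(rng.choice(ALPHABET) for _ in range(length))

def strong_generate(length: int) -> str:
    """Hardened form: every symbol comes from the OS CSPRNG, independent of time."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def distinct_weak_outputs(length: int, start: datetime, seconds: int) -> int:
    """Number of different passwords the weak generator can emit within a window.
    This is the keyspace a defender should assume for such passwords."""
    return len({weak_generate(length, start + timedelta(seconds=i)) for i in range(seconds)})

def nominal_bits(length: int) -> float:
    """Entropy the password *appears* to have: log2(94 ** length)."""
    return length * math.log2(len(ALPHABET))

def article_creation_time() -> datetime:
    """Creation time reported in the article (used here as constructed sample input)."""
    return datetime(2013, 5, 15, 16, 10, 40, tzinfo=timezone.utc)

if __name__ == "__main__":
    t0 = article_creation_time()
    print("weak, same second twice:", weak_generate(20, t0) == weak_generate(20, t0))
    print("weak, one-hour window  :", distinct_weak_outputs(20, t0, 3600), "candidates at most")
    print("nominal strength       : %.0f bits" % nominal_bits(20))
    print("strong, two calls equal:", strong_generate(20) == strong_generate(20))
```

A 20-character password from this alphabet looks like roughly 131 bits of entropy, but if its only seed is a second within a known hour, at most 3600 candidates exist.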
It’s important to note that although RoboForm’s developer, Siber Systems, has since fixed the vulnerability, Grand warned:
Without knowing how Siber addressed the issue, attackers could still regenerate passwords generated by RoboForm before the 2015 fix.
He advised users of the tool to update their passwords or use other password managers.
Last November, after Grand and Bruno helped Michael regain wallet access, they took a portion of the bitcoins as a service fee. At that time, bitcoin was priced at $38,000 each.
Later, when the bitcoin price rose to $62,000, Michael sold part of his bitcoins. He currently holds 30 BTC, valued at over $2 million, and is waiting for the price to reach $100,000 per coin.
Michael recalled that the lost password ironically became his financial windfall. He said:
"Losing the password actually brought me financial benefits. If it weren’t for the lost password, I might have sold the bitcoins when the price was only $40,000, thus missing out on a greater wealth increase."