The Story of Michael’s Lost Bitcoin Password
Introduction
Two years ago, “Michael,” a Europe-based cryptocurrency owner, faced a significant challenge when he lost access to his digital wallet containing 43.6 BTC. This article covers his attempt to get it back and the technical details involved.
The Lost Password
Michael stored his cryptocurrency in a password-protected digital wallet. He used the RoboForm password manager to generate a 20-character password and kept it in a file encrypted with TrueCrypt. Unfortunately, the encrypted file became corrupted, and Michael lost access to the password that secured his 43.6 BTC (worth about €4,000 or $5,300 in 2013).
“At [that] time, I was really paranoid with my security,” he laughs.
The Role of Grand
Grand, a renowned hardware hacker, initially turned down Michael’s request for help. However, in 2022, Grand assisted another crypto wallet owner, showcasing his expertise in the field.
RoboForm’s Password Generation
RoboForm, developed by Siber Systems, was one of the first password managers available. The company made changes to “increase randomness of generated passwords” but did not specify how. According to Siber spokesman Simon Davis, “RoboForm 7 was discontinued in 2017.”
Grand expressed concerns about the security of passwords generated by RoboForm before the 2015 fix. He stated:
“I’m still not sure I would trust it without knowing how they actually improved the password generation in more recent versions. I’m not sure if RoboForm knew how bad this particular weakness was.”
Potential Vulnerabilities
Customers who used RoboForm to generate passwords before 2015 might still be using vulnerable passwords. Siber Systems did not notify customers to regenerate passwords after the fix in 2015, leaving many potentially at risk.
“We know that most people don’t change passwords unless they’re prompted to do so,” Grand says. “Out of 935 passwords in my password manager (not RoboForm), 220 of them are from 2015 and earlier, and most of them are [for] sites I still use.”
Michael’s Fortunate Outcome
In November, Grand and Bruno managed to recover a portion of Michael’s bitcoins, deducting a fee for their work. At the time, bitcoin was worth $38,000 per coin. Michael waited until the value rose to $62,000 per coin before selling some of it. He now holds 30 BTC, worth $3 million, and is waiting for the value to reach $100,000 per coin.
Michael reflects on his experience:
“That I lost the password was financially a good thing.”
5 Comments
Cracking an 11-year-old password feels like hacking into a time capsule.
It’s incredible to think about the patience—and luck—involved in cracking such an old password!
That’s insane, imagine waiting 11 years to access a crypto treasure trove!
Marie Ava: So, after 11 years, is it luck or skill that unlocks $3 million?
James Carter: So, does this mean we’re all rich if we just remember old passwords?