-5

I've forgotten the password for my Seagate portable drive. I locked it using windows BitLocker two years ago. I can't remember the password but I almost know what's the password.

Is there any way to open it? Could I use some software which could hack the drive?

S.L. Barth
  • 5,486
  • 8
  • 38
  • 47
adam kaplan
  • 1
  • 1
    Use the recovery key you were asked to save, if you don't have that either, your out of luck – Ramhound Nov 12 '16 at 19:13
  • Thank you for your comment, no i don't have the recovery key, but i almost know what's the password, is there any tool who can help me. thanks – adam kaplan Nov 12 '16 at 19:14
  • I don't know if there are tools specifically for BitLocker. But you could take the key it "almost" is, and generate permutations of it. If you know how to program, you could write a script yourself. Otherwise, there are tools for this, but be careful that they don't contain malware. Then you'd need a script to try these passwords in order. – S.L. Barth Nov 12 '16 at 19:49
  • yes i think this is a good idea, which command should i run to check if the password is correct ? thanks – adam kaplan Nov 12 '16 at 21:28
  • @S.L.Barth what do you think about this : https://www.youtube.com/watch?v=r-vDYfcR54s – adam kaplan Nov 12 '16 at 22:46

1 Answers1

1

Sorry but you are out of luck,

BitLocker uses AES-128/256 (XTS-AES 128/256) which is considered a "safe" algorithm (https://stackoverflow.com/questions/16537418/how-secure-is-aes-128)

"Almost" knowing the password does not change anything for you decryption wise as there is nothing like "almost decrypted", either you have the password or not. Letting people "almost" decrypt something with a password that nearly matches the correct one would be a major security flaw as it would give hints on the real password.

As long as you can´t guess the correct password based on that "almost" or provide the 8*6 number long recovery key you got during initial encryption you cannot decrypt that drive.

Community
  • 1
architekt
  • 986
  • 1
  • 7
  • 18
  • 1
    "Almost" means that a password cracker could try a large number of related passwords (assuming it isn't using a TPM to enforce a rate limit). – CodesInChaos Nov 12 '16 at 20:54
  • what do you think about this https://www.youtube.com/watch?v=r-vDYfcR54s – adam kaplan Nov 12 '16 at 22:47
  • Thats just simple brute forcing. As it seems Bitlocker needs a minimum password length of 8 characters (https://social.msdn.microsoft.com/Forums/sqlserver/en-US/cd8bb2a6-5807-473e-b80c-90e1997238b3/looking-for-bitlocker-password-requirements?forum=windowsgeneraldevelopmentissues) If you got a password with let´s say just numbers and lower case characters so a-z and 0-9 with a lenght of 8 digits thats about 2901713047668 possible passwords. With a speed of 20 passwords/s (like in the video) it would need about 4597 years 213 days 16 hours 46 minutes and 1 seconds to finish – architekt Nov 13 '16 at 00:20
  • thank you for you, are you familiar with companies which could run parallel task to reduce this period !! – adam kaplan Nov 13 '16 at 09:59