Consensual phishing: How to crack your half-forgotten crypto password

Just email Phil Dougherty.

Phil Dougherty has a side hustle as a friendly hacker. By day, he's a software developer at the University of Wisconsin, building free educational games and conducting research on the ways people play them. Meanwhile, back at home, Dougherty is the shepherd of a program that's constantly running down ways to break into other people's cryptocurrency wallets.

Dougherty works with folks who have lost, forgotten or incorrectly written down their Ethereum passwords, locking themselves out of their wallets and forfeiting the digital cash that's lurking within. These people are, essentially, shit out of luck. There's no customer support hotline for Ethereum, no security questions to answer, no "Forgot password?" link.

Cryptocurrency security relies on hashing algorithms that transform a traditional password, such as "banana$123," into a unique string of numbers and letters, called a hash. To get specific, Ethereum wallets use a password-based key derivation function, meaning users input a unique password they can (theoretically) remember, and in return, they receive a key that serves as a unique, secure authorization code. The idea is that it's impossible to reverse-engineer the hash to unlock a user's base password, though a handful of algorithms have been compromised over the years, including MD5 and SHA1. However, as Dougherty's clients have discovered, Ethereum's security system is tight.

"With Ethereum, because it's decentralized, you actually do all this on your own computer and it doesn't even touch the internet," Dougherty told Engadget. "You say, I'm creating a wallet with the password 'banana', and it turns into this mess of a key. And because there's no company interface, there's no one that can help you reset that password if you forget it. So the only way to fix that problem, I guess, is to find clever ways to try using that same hash to try and reproduce the complicated output."


Essentially, you go phishing. In a phishing attack, a hacker attempts to gather information about someone without their consent, commonly through compromised email links and official-looking forms. Ethereum's security protocols may be solid on a technical level, but they can't stop someone from figuring out a password simply by asking the owner what it is, or tricking them into dropping clues.

Only, Dougherty isn't tricking anyone. People come to him and willingly answer personal questions about their password habits. Do they usually capitalize letters or change some to numbers? Do they use their birth year, a favorite location or special symbols?

"Maybe, instead of choosing your favorite city, you chose your favorite movie or an actor or your name, or something like that," Dougherty said. "Over email I just repeatedly ask the person and help massage it out of them where it's not clicking, to break down why the things that they think their password might be, are."

Dougherty then uses a mix of the password-cracking software hashcat and a program he built, called expandpass, which runs through varying, controlled permutations of specific words and symbols, but on a massive scale. On GitHub, he describes expandpass as, "useful for cracking passwords you kinda-remember."

These programs are free and publicly available, but most folks don't have the hardware or the programming expertise to put them to use. Dougherty happens to have the practical knowledge, and his rig is significant: It's running a 1080 Ti graphics card with a 16-core CPU and 64GB of memory. Still, it can take months to crack a password.

Crypto currency Ethereum  logo is seen on an android mobile

If he's successful, the client pays him. In Ethereum, of course. Sometimes, however, Dougherty cuts a project off after a few months, before finding the proper password, and he and the client go their separate ways. He doesn't call this failing.

"There is no fail state, right?" he said. "I could keep trying indefinitely on anything. It's more of a give-up state where it's no longer worth my time or their time to keep iterating on this, to keep my cracking rig running. Because it does consume power. So, there's an interesting negotiation that takes place."

Dougherty got his start in cryptocurrency cracking in 2017, after reading a Reddit post from someone who wanted to brute force their way into their own Ethereum wallet. The Redditor remembered part of their password and generally what it looked like, handing Dougherty a puzzle perfectly suited to his interpersonal coding skills. He and five other programmers ended up racing to crack this user's password. Dougherty won.

"I successfully unlocked that guy's password, and then straight from that post I started getting, 'Well wait, hey, could you try to help me with that?'" Dougherty said. "Things organically grew from there."

Cryptocurrency looks a little less complicated from the perspective of a phisher. From this lens, it doesn't matter how robust the technical protocols are, when humans are much more predictable. Dougherty has encountered a handful of common, inherently human crypto-password quirks that are also potential security risks. For one, a lot of people use words that pertain to the actual function of the password, like "Ethereum" or "wallet."


"I'd say 90 percent and up use their birth year or the last two digits of their birth year," Dougherty said. "And another funny thing is, there is a demographic of people who use cryptocurrency, so they all tend to be born around the same time. These years are a pretty narrow range, which is like, that's a security consideration. Knowing just that isn't sufficient to break in or anything, but it's a start."

Luckily, Dougherty is using this knowledge for good. He normally works with Ethereum, but his method should apply the same way across other wallets and half-forgotten-password scenarios. With potentially game-changing cryptocurrencies on the horizon, such as Facebook's Libra, Dougherty's services should be in high demand. At least, until Zuckerberg and friends enter the cryptocurrency customer service business themselves.

"The thing that's particularly rare about it, actually, is that it's collaborative and consensual," he said. "Because cryptocurrency is so new, I think that this is the first instance where it's useful to have a person in my position, where I can work with a client, consensually, to come to these conclusions."

Images: Phil Dougherty (expandpass); SOPA Images / Getty Images (Ethereum)