Android: How to recover alias password?

Question

I'm posting this question because I spent a long time figuring it out yesterday and couldn't find a definitive answer here. As you probably know, if you can't remember the password for your private key then you can't update any app that you currently have on the store. What do you do if you can't remember what password you used?

See below for my answer.

Answer 1

When setting a password for your keystore and the alias you are using for the app that you are publishing the first thing you should do after making them is to write them down somewhere so you don't forget.

If you didn't do that and have since forgotten your passwords then download this java program

This is basically a program that uses either a brute force attack, a dictionary attack, or a smart wordlist attack. The first one will take a long time, the second one will also take a while but your password has to be some word in the dictionary.

The third method is the one you want to go for if you can. Essentially you make a text file with a bunch of words that you use regularly in passwords or words that you know make up the password that you forgot. Then you run the program with that text file and it combines them in different ways and also adds numbers to the end.

When I used this yesterday it took about two seconds to discover the password of my alias!

Steps:

1. Download the .jar file from the link above and place it in the same directory as your keystore.
2. Make the text file as described above and also place that in the directory.
3. Run this command: [java -jar AndroidKeystoreBrute_v1.04.jar -m 3 -k "/home/user/keyStore.jks" -d "wordlist.txt"] in the terminal.

And there you go! Hopefully that will work for you. It saved me a lot of heartache yesterday!

Also here is another link to a page where someone explains this process really well: Link