Help! I forgot the passphrase to pgp 8.1 winxp - PGP

This is a discussion on Help! I forgot the passphrase to pgp 8.1 winxp - PGP ; Hi, i forgot my long passphrase to pgp 8.1 winxp since i had not used pgp for months and yesterday i recived an encrypted mail... everywhere i look, i see the phrase "dont ever forget your passphrase, or your f***d" ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Help! I forgot the passphrase to pgp 8.1 winxp

  1. Help! I forgot the passphrase to pgp 8.1 winxp

    Hi, i forgot my long passphrase to pgp 8.1 winxp since i had not used
    pgp for months and yesterday i recived an encrypted mail...
    everywhere i look, i see the phrase "dont ever forget your passphrase,
    or your f***d"

    on the other hand, i remember the rules i used to generate the
    passphrase and i know i am very close, but not yet there...

    isnt the passphrase stored somewhere in a file or something so i can
    brute force it?
    isnt there a program that can help me brute force my passphrase?
    manual brute forcing cannot be the only way...

    I really need your help!
    thanx!

  2. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    aombk wrote:

    "dont ever forget your passphrase,
    > or your f***d"
    >


    Thats about the size of it i'm afraid!

    --
    Best Wishes from Martin

    So many questions, so few answers.

  3. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    > isnt the passphrase stored somewhere in a file or something so i can
    > brute force it?
    > isnt there a program that can help me brute force my passphrase?


    I certainly hope not. Wouldn't that defeat the purpose of using PGP?


    > manual brute forcing cannot be the only way...


    I certainly hope it is!



  4. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    aombk wrote:
    >
    > Hi, i forgot my long passphrase to pgp 8.1 winxp since i had not used
    > pgp for months and yesterday i recived an encrypted mail...
    > everywhere i look, i see the phrase "dont ever forget your passphrase,
    > or your f***d"
    >
    > on the other hand, i remember the rules i used to generate the
    > passphrase and i know i am very close, but not yet there...
    >
    > isnt the passphrase stored somewhere in a file or something so i can
    > brute force it?
    > isnt there a program that can help me brute force my passphrase?
    > manual brute forcing cannot be the only way...


    No, the passphrase is NOT stored anywhere, except in your head.
    (If you don't take security seriously, it's also written on a
    post-it stuck to your monitor or in a plain-text file on your hard
    drive. But then, someone who does that also is likely to leave the
    key for the front door of his house on a hook just under the porch
    light.)

    The passphrase is used to encrypt your private key for storing the
    latter on your computer. I believe the process involves hashing
    the passphrase and then using the hash for symmetric encryption of
    your private key. Since this encryption is symmetric, a new hash
    of the passphrase (using the same hash algorithm) can then be used
    to decrypt your private key in order for you to then use the key
    for signing or decrypting.

    This process eliminates the need to store the passphrase. If you
    use the PGP capability to cache the passphrase, I don't know what
    is really cached: the passphrase itself or the decrypted private
    key. In either case, caching is generally for only a few minutes.

    --

    David E. Ross


    I use Mozilla as my Web browser because I want a browser that
    complies with Web standards. See .

  5. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    aombk wrote in news:cp47i3$mag$4@nic.grnet.gr:


    > isnt there a program that can help me brute force my passphrase?
    > manual brute forcing cannot be the only way...



    I don't know if it will really help, but you may want to try the demo
    here:

    http://www.accessdata.com/

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1
    Comment: My PGP Page & FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQbYsSWDeI9apM77TAQI5UQf/bjOlR28Rmh2sGkM/Onrjmpk7rPKdj/A8
    nJXs4DhJ2L0Uz53TNI08z43A/4AqXup5LY/QqtYMsmG/Nm2qOg/EDncaRuRzBn6+
    epHZputd7++C0gYGPkfty9/CflpxrMfXyDYHrzTJyoyQeB/lQ9itMyJoqewlBjqC
    wRvln7SzFIy3UedDOX8l0GHL6ERP3ueDXiubGRVKDSbg/8Ticocj5NtGup5WNiaZ
    8HzkWslEhMPQTmrzOWYupHrGllJJFfVAKcfu31MDTgNs3ksvpw 945qO64aeAW6CI
    zC6Fvh2M5N25muVWg/vBrJav1LM4sWBoPhIA6vc4zanvKCOQaRUBhw==
    =+yBf
    -----END PGP SIGNATURE-----

  6. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    Tom McCune wrote:
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > aombk wrote in news:cp47i3$mag$4@nic.grnet.gr:
    >
    >
    >
    >>isnt there a program that can help me brute force my passphrase?
    >>manual brute forcing cannot be the only way...

    >
    >
    >
    > I don't know if it will really help, but you may want to try the demo
    > here:
    >
    > http://www.accessdata.com/
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: PGP 8.1
    > Comment: My PGP Page & FAQ: http://www.mccune.cc/PGP.htm
    >
    > iQEVAwUBQbYsSWDeI9apM77TAQI5UQf/bjOlR28Rmh2sGkM/Onrjmpk7rPKdj/A8
    > nJXs4DhJ2L0Uz53TNI08z43A/4AqXup5LY/QqtYMsmG/Nm2qOg/EDncaRuRzBn6+
    > epHZputd7++C0gYGPkfty9/CflpxrMfXyDYHrzTJyoyQeB/lQ9itMyJoqewlBjqC
    > wRvln7SzFIy3UedDOX8l0GHL6ERP3ueDXiubGRVKDSbg/8Ticocj5NtGup5WNiaZ
    > 8HzkWslEhMPQTmrzOWYupHrGllJJFfVAKcfu31MDTgNs3ksvpw 945qO64aeAW6CI
    > zC6Fvh2M5N25muVWg/vBrJav1LM4sWBoPhIA6vc4zanvKCOQaRUBhw==
    > =+yBf
    > -----END PGP SIGNATURE-----


    Thank you... as a matter of fact a friend suggested the same tool this
    afternoon.
    I am trying it right now...

  7. Re: Help! I forgot the passphrase to pgp 8.1 winxp

    So people, let me get this right...

    PGP scrambles my passphrase in an "md5 hash of 2048bits(for example)"
    like way to produce something... that something is my publick key? or is
    it my private key? or is it the IDEA key? and what is that IDEA key???

    please correct me where i am wrong... or direct me to some good reading
    about how pgp works... i read some faqs but couldnt figure it out...

    so, my thoughts are these:

    -if pgp uses my passphrase to generate this "something" and every time i
    type my passphrase it checks wether this "something" corresponds(could
    have been generated by) to the passphrase, maby i can find a way to
    check this myself using a tool that can use a dictionary or a mask attack...

    -i could also find a tool (and i really need your help in this)that
    actually tries passphrases contained in a dictionary directly in the PGP
    passphrase prompt.

    since i remember most of my passphrase i can actually use a mask attack
    or generate a dictionary that would be, as i calculated, less than 100GB

    please...HELP!
    thanx...

+ Reply to Thread