8

I am trying to generate release apk for my new game. Even though I updated one of my other app just 3 days ago keystore had no problem at all. I am absolutely sure I remember my passwords correctly. Because when I give wrong passwords it says your password or username is incorrect.

Here's what I'm doing:

enter image description here

And here's what I'm getting:

enter image description here

Please help me what am I doing wrong here? Android studio updated 2 days ago. Do you think it would cause this problem? What should I do? Any help will be very much appreciated...

I actually had read this post Android Studio: cannot recover key before I post this question. I tried to do as he shown in his answer though I faced with this prompt: "file tampered with or password is incorrect". Now that I know that password is absolutely correct. I'm afraid I'll never be able to update my apps again.

Community
  • 1
  • 1
Les Paul
  • 219
  • 1
  • 4
  • 15
  • 3
    Possible duplicate of [Android Studio: cannot recover key](http://stackoverflow.com/questions/29997688/android-studio-cannot-recover-key) – AndroidMechanic - Viral Patel Jan 18 '16 at 19:14
  • @AndroidMechanic I actually had read that topic before I post this question. I tried to do as he shown in his answer though I faced with this prompt: "file tempered with or password is incorrect". Now that I know that password is absolutely correct. I'm afraid I'll never be able to update my apps again. – Les Paul Jan 20 '16 at 00:37
  • 2
    The KeyStore password and The Key password should be the same :) Changing both passwords using keytool Change KeyStore password `keytool -storepasswd -new newpassword -keystore KeyStore.jks` Change Alias key Password `keytool -keypasswd -alias MyKeyAlias -new newpassword -keystore KeyStore.jks` – IntelliJ Amiya Jan 29 '16 at 09:00
  • do you have your key backup? – Stanojkovic Feb 01 '16 at 23:02
  • @IntelliJAmiya I actually tried that already. Unfortunately result is same "file tempered with or password incorrect" – Les Paul Feb 02 '16 at 20:24
  • @Stanojkovic Do you mean a copy of the keystore? If so yes. I'll try that now. – Les Paul Feb 02 '16 at 20:25
  • @Les Paul Did you have luck? – Stanojkovic Feb 02 '16 at 21:06
  • @Stanojkovic Unfortunately no. I am getting the same prompt. As far as what I understand is, this two passwords must be the same. Otherwise it won't work. I believe they should indicate this in Android Studio. – Les Paul Feb 03 '16 at 14:37
  • @Stanojkovic The beginnings are the same for the two passwords but at the end of the alias it says alias. For instance it's like: pwpwpw for keystore pwpwpwalias for alias. – Les Paul Feb 03 '16 at 14:53
  • I faced the same problem then i used alpha numeric password without including special characters and it worked. Thanks. – Kamlesh Aug 15 '20 at 07:10

3 Answers3

2

I recommend you run a smart word list attack on the alias password using this tool here:

http://maxcamillo.github.io/android-keystore-password-recover/

  1. Download the JAR file for this project using the URL above.

  2. Create a text file called wordlist.txt with the words and strings that make up your password, in the order you think they appear. Put each string that you think is part of your password on a separate line. Do not leave blank lines in between each string. You may need to tinker with the wordlist.txt several times in this process to crack the password. You may also try all the variations of what you think is your password that you can possible think of.

  3. Save wordlist.txt to the same folder as the JAR file.

  4. From command line, navigate to the directory that contains the wordlist.txt and the JAR file.

  5. At the command line type: java -jar AndroidKeystoreBrute_v1.06.jar -k "full path to your keystore.jks" -d wordlist.txt to see the available options. You may want to try and use different options than what I used in my testing.

  6. Run java -jar AndroidKeystoreBrute_v1.06.jar -m 3 -k "full path to your keystore.jks" -d wordlist.txt

The -m option specifies the method used to crack your password: 1 = brute force attack (could take weeks, months or longer) 2 = dictionary attack (your password must be in the dictionary) 3 = smart word list attack (strings that you specified in wordlist.txt)

I tested this for my own alias password many times and with many different variations in wordlist.txt, and it either cracked my password in less than 1 second or didn't find the password at all. Since you believe your alias password is the same as your key store password, this procedure should help you find both passwords.

Of course I know my password so I knew what strings to put in that would work. But since you are fairly certain your remember your password, the smart word list attack should quickly find your password if it is actually a close variation of what you remember.

Good luck!!

In future you may want to store your password in a password manager, and always copy and paste passwords. Human memory is great for remembering general ideas, and completely unreliable for remembering exact items or details.

joshgoldeneagle
  • 4,575
  • 2
  • 19
  • 29
  • First of all thank you for your answer. Later on, after I tried your method it worked nicely. It has given me the exact same password just like I thought. As far as what I understand is that this two passwords must be the same. Otherwise it won't work. I believe they should indicate this in Android Studio. The beginnings are the same for the two passwords but at the end of the alias it says alias. For instance it's like: pwpwpw for keystore pwpwpwalias for alias. Than I tried to change them with -keytool though still no good. – Les Paul Feb 03 '16 at 14:58
  • @joshgoldeneagle don't work for me `Exception in thread "main" java.lang.UnsupportedClassVersionError: AndroidKeystoreBrute/AndroidKeystoreBrute : Unsupported major.minor version 52.0` – FilipeOS Mar 23 '16 at 23:45
1

After some, R&D I got solution

that your "Key store password" and your "Key password" need to be the same.

Veda
  • 61
  • 6
0

Got succes after following @joshgoldeneagle reply. The prompt gave me the alias passowrd only but using the -w feature i got a key with both passwords setted to the recovered password.

"-w saves the certificate in a new Keystore with same password as key"

java -jar AndroidKeystoreBrute_v1.06.jar -m 3 -k "full path to your keystore.jks" -d wordlist.txt -w

Renan Macedo
  • 13
  • 4