Skip to content

Password Recovery

You probably reached this page because you lost or forgot your safe password and are now unable to access the passwords stored inside your safe.

First, let's face the reality:

  • There is no way to reset the safe password.
  • There is no mechanism within pwSafe to retrieve lost or forgotten safe passwords.
  • There is no backdoor.
  • Your data is securely encrypted, only the current safe password will give access to your data.

Our best advice is to try really hard to remember your password and try every possible combination you can think of. You probably already did that. Please keep doing it as it is by far the most efficient solution.

Recovery Service

We can do the same an adversary would do: trying long lists of passwords that are either randomly chosen (brute-force) or are known to be used often, including small variations like adding 1! at the end to satisfy password policy requirements (dictionary attack).

This obviously consumes a lot of computational resources, which is why this is a paid service.

As we understand how stressful it can be to lose access to all records stored in your safe, we offer this service to the community for a reasonable fee ($US 49). To use our service, please follow these steps:

  1. Open a support request.
    Note: if you already have an open support request, you can skip this step.
  2. We will send you a document to sign in which you attest that you
    • are not engaging or causing Huvisoft to engage in any illegal activity
    • have a legal right to recover the safe password
  3. We will provide you with instructions how to transfer only the required part of your safe. Do not send us the full safe as that would give us access to all your passwords if we manage to recover the safe password.
  4. We will send you a payment request. After receiving your payment, we attempt to recover the safe password using the brute-force and dictionary attacks described above, using our extensive collection of passwords.

Note that we cannot guarantee that we will be able to recover your password. If your safe is protected with a very strong password it will be hard or impossible to recover. Your payment is non-refundable regardless if we manage to recover your password or not.

Which safes are supported?

At the moment we support safes in the .psafe3 format, as used by

  • pwSafe (iOS, Mac)
  • Password Safe (Windows, Linux)
  • PasswdSafe (Android)

YubiKey protected

If your safe is two-factor protected (with a YubiKey in addition to a password), then it is impossible to recover the password. Every attempt to unlock your safe requires the YubiKey to generate a digital signature which cannot be automated.

Why is there no guarantee on recovery?

Please read the introduction above again. Your safe is encrypted with enterprise-grade encryption. You, and only you, have the key. If your safe password is strong (long, mostly random) then it can take millions of years using all the computers in the world in parallel to try all possible combinations before your password is recovered.

To keep this service affordable, the amount of computational resources must be limited, obviously. The $US 49 fee allows us to use a preset amount of resources that has been enough to recover many passwords in the past.

In case your password was not recovered after using these resources, we will engage with you how to proceed. If you want we can continue the recovery attempt trying more complex password combinations (requiring an additional fee) or leave it at that.