Consensual Phishing: How to Crack Your Half-Forgotten Crypto Password
MrPlow writes:
Submitted via IRC for SoyCow2718
Phil Dougherty has a side hustle as a friendly hacker. By day, he's a software developer at the University of Wisconsin, building free educational games and conducting research on the ways people play them. Meanwhile, back at home, Dougherty is the shepherd of a program that's constantly running down ways to break into other people's cryptocurrency wallets.
Dougherty works with folks who have lost, forgotten or incorrectly written down their Ethereum passwords, locking themselves out of their wallets and forfeiting the digital cash that's lurking within. These people are, essentially, shit out of luck. There's no customer support hotline for Ethereum, no security questions to answer, no "Forgot password?" link.
[...] Dougherty got his start in cryptocurrency cracking in 2017, after reading a Reddit post from someone who wanted to brute force their way into their own Ethereum wallet. The Redditor remembered part of their password and generally what it looked like, handing Dougherty a puzzle perfectly suited to his interpersonal coding skills. He and five other programmers ended up racing to crack this user's password. Dougherty won.
"I successfully unlocked that guy's password, and then straight from that post I started getting, 'Well wait, hey, could you try to help me with that?'" Dougherty said. "Things organically grew from there."
Source: https://www.engadget.com/2019/09/13/forgot-password-ethereum-cryptocurrency-lost-expandpass/
Read more of this story at SoylentNews.