Forgot passphrase but have keys

Like the title says. The GUI just keeps asking for the passphrase and I don’t see any option to import from the 24 words. Reinstalling didn’t give this option. What should I do?

If you only have receive addresses they are no good.

There are 2 parts in crypto key pairs, public and pvt, public is to share , these are your receiving/ sending addresses.

Pvt allow you to move funds, if you don’t have those, the pub keys are useless.

Do you have your pvt keys?

I have the 24 word mnemonic private key. When the recent update required this shorter passphrase I think I did something quick and without paying attention. I’m saying that the GUI does not appear to allow you to enter the 24 words if it thinks you should have a passphrase for your local machine.

I was able to get back in via CLI. Something was wrong with permissions on the ssl file… Still don’t know what my passphrase is though (or what the point of the passphrase is). Is there a way to find this or reset it?

The password block ppl from being able to read your pvt keys.

That’s really just as important as your mnemonic , and should have been treated as carefully.

To late now I know…
It can’t be reset I think, that would defy the whole point of coding it into chia.

All the best.

Thank you Bones! I have been farming since the start but mostly let it go on autopilot the last couple of months and didn’t realize what it was. Would a new private key come along with a new passpharase?

When you reinstall, you would need to clear your Windows Credentials for .chia, and my understand is that there is one new scrambled file in your .chia/mainnet folder. That file needs to be also removed.

The point is that that password is not bound to your mnemonics or blockchain but rather to your box, so it should be no problem to generate a new one.

Maybe before you try to reinstall it once more, just try to locate that file, kill it, remove your Windows Credentials, and give it a try.

You can try what jacek said, he’s very knowledgeable.

If it does work like that, then to me it’s pretty useless, as a competent thief would not be stopped by it.

If you created a new mnemonic, that should have no password until you create one.

But possibly if it works as jacek thinks, you might need a clean install of os first.

It’s such a new thing were all still learning exactly how it works.

1 Like

Again, that password is just box-bound. So, if any malware already has mnemonics, one can just add those to his/her setup, and will have a full access to your settings.

Also, once you go through mnemonics/password and start chia, my understanding is that any malware can get your mnemonics, whether through CLI or UI, as long as you will let chia run. At least that is what others expressed.

Another option that may work is to drop your version to pre-password (e.g., v1.29 or below), and see whether that would work.

I believe I read that doesn’t work.

1 Like

Just installed v1.2.11 on my laptop.

There is a new folder %userprofile%.chia_keys. If you kill that folder, it looks like you will be starting from scratch (can provide your old mnemonics). So, that is just annoyance at best, as it provides zilch as far as security, or rather worst as it provides a false sense of security wrongly implying that your new and shiny password gives you any protection.

I didn’t go through the full process, as I didn’t write down those initial mnemonics. However, when I started chia after adding that password via CLI (it didn’t ask me to generate one when creating the initial mnemonics), it asked me for my password. I killed chia, and renamed that folder. After that, chia didn’t ask me for password anymore and there was no fingerprint entry for the original mnemonics, so I could import my original mnemonics (if I would have save them).

With the current implementation, creating such password is just a waste of time.

Y’all seem very confused here. The point of a pass phrase is to encrypt the key at rest. The 24 words can always reproduce the private key. But you don’t want to store that in clear text on the disk. So adding the passphrase encrypts the private key so it’s harder to lift. It is far from pointless. But if you enter the words again, then you can set a new passphrase, that does not in any way make it less secure.

2 Likes

Agreed. Thats why i took a look at the github wiki describing the current state of affairs with the passphrase, old and new key storages and switching between those and upcoming posibility to purge the old storage when installing the passphrase. They did not want to do this at first implementation just in case someone would install a passphrase, encrypt the keys, purge the old storage and then forget the passphrase…

1 Like