Lesson learnt the hard way: Always store your passwords. Yes, do it securely, use a password manager, hide a piece of paper behind multiple protection mechanisms, but DO KEEP A BACKUP OF YOUR PASSWORDS.

Long story short: I decided to store every 2FA revocation code as well as every PGP and SSH key of mine in a strongly (64 Argon2d rounds) encrypted KDBX v4. As you may have guessed, I forgot the password. I do remember it slightly, but no luck. Have been trying to brute-force it for 6 hours...


There is a way to extract a hash from KeePass databases up to v3.1 and use Hashcat or John on them, which would save me tons of time. Apparently, similar stuff simply doesn't exist for KDBX v4 :(

After 6 hours of running my bodged Python code on ca. 5k possible combinations, I think it's time to give up and just regenerate my 2FA revocation keys. Luckily, PGP and SSH keys were there for backup and are also present on my machine.
