Did you know that an average person has about 100 passwords, and an average internet user in the United States is locked out of 10 accounts every month? While passwords for most online services are easy to recover, recovering a cryptocurrency wallet password is typically much more complicated.
Many people who participated in the 2014 Ethereum presale forgot their password to their wallet. While recovery of those passwords may be possible, the process is complicated, and it requires a lot of background knowledge:
- What wallets did the Ethereum foundation recommend that you use?
- What was the naming convention for the wallet file?
- What were the password requirements?
This article covers those questions and more, to give you the best possible chance of recovering your funds.
What Was the Ethereum Presale?
The Ethereum presale was literally a sale of Ether to investors before Ether existed. Investors could buy Ether with Bitcoin, even though the Ethereum blockchain did not yet exist, and the genesis block had not yet been mined.
When it launched on July 22, 2014, the Ethereum presale was so successful that Camila Russo described it in a CoinDesk.com article as the “Sale of the Century.”
Following weeks of speculation, Vitalik Buterin, the Ethereum founder, posted an announcement on the Ethereum Foundation Blog announcing the sale.
In his announcement, Buterin tells the story of the substantial hardships his team had faced: “We certainly miscalculated the sheer difficulty of navigating the relevant legal processes in the United States and Switzerland, as well as the surprisingly intricate technical issues surrounding setting up a secure sale website and cold wallet system.”
Buterin also informed potential investors that Ether (his company’s transactional token) would be available in the presale at a discount price of 2,000 Ether (ETH) per Bitcoin (BTC). “The sale will last 42 days, concluding at 23:59 Zug time September 2 ,” he wrote.
Buterin’s message was very clear to anyone that wanted to participate in the presale, also called the premine, crowdsale, and genesis sale. He wrote, “If you purchase Ether, DO NOT lose your wallet file or your password, or you will never be able to access your ether.”
Russo’s suggestion that the Ethereum presale was the “Sale of the Century” may sound like hyperbole, but the numbers support the claim. In an August 8, 2014, statistical overview of the presale, Buterin shares some impressive numbers:
- By that date, the presale had received more than 25,000 BTC from selling over 50 million ETH, marking the largest cryptocurrency sale by then.
- 6,670 transactions had been made.
- Transaction values ranged from a minimum of 0.01 BTC to 500 BTC.
- By then, the ETH sale marked the largest use of multisig, pushing the percentage of all BTC stored in multi-signature accounts to 0.41% from 0.23% before the sale. A multi-signature account permits a group of users to sign one document.
Stories of Locked Away Millions
Sometimes things went wrong during the presale. For instance, a DC family claims that it’s struggling to access about $6 million locked away in an Ethereum presale wallet. ABC’s News 7 reports that Art and Yuki Williams claim that even though they created a password for the wallet, the “very important JSON file which acts as a private key to open a crypto wallet never completely downloaded online.”
While the Williams’ claims have received quite a bit of press attention, many Ethereum presale wallet passwords were lost.
What was the Experience of Going Through the Presale?
Participating in the presale was a pretty straightforward process. Bitcoin Bulls, a YouTube channel, provides a step-by-step video on the steps buyers followed to buy ETH during the crowd sale.
Downloading the Ethereum Wallet File
Before sending Bitcoin, your first task was to download your Ethereum wallet file, or it could be sent to an email address that you specified. A contributor on Reddit.com indicates that the name of the wallet file was “ethereum_wallet_backup.json.”
The wallet could be downloaded using the format, “ethereum-wallet-[manyNumbersAndLetters].json.”
Downloading the wallet file would start with entering the amount of Ethereum you wanted to buy on the Ethereum website. You would then pay for ETH using Bitcoin from your Blockchain wallet.
Once you had entered the amount of ETH you wanted to buy, you could then enter an email address — the Ethereum project would email a copy of your wallet to this email address.
Step 3 required you to create a password. The password had to be at least 10 characters. You had to include a number, a symbol, a lowercase letter, and an uppercase letter among the ten characters.
With the password set, you were ready to download the wallet by clicking the “Download your wallet button.”
Users were advised not to send any BTC before the JSON wallet file had been installed on their computer. As can be seen from the screenshot above, the Ethereum site warned users, “Without the wallet and password, your Ether will be lost and unrecoverable.” It added, “By clicking the ‘Next’ button, you agree that you understand this.”
Clicking “Next” would take you to the point where you could now make the payment. The Ethereum site would then provide you with a Bitcoin address to send the payment to.
(Re)Download Your Wallet
With the payment done and accepted, you would then move on to the next step, where you had yet another opportunity to download the wallet. The file you downloaded at this stage represented your private key to the wallet encrypted with your password. This file would later be imported into your wallet once the Ethereum blockchain went live, and the balance would show the amount of ETH purchased.
Once everything had been set, you could check your balance using your Ethereum address.
Today, you could check your balance by opening the ethereum_wallet_backup.json file using a text editor and then scrolling to the string “ethaddr”: “. The digits after the last opening inverted commas represent the Ethereum blockchain wallet address. Add 0x in front of the number to see how much ETH is in the wallet on https://etherscan.io
If your balance is 0, you have no value in the wallet. If your balance is more than 0, the work to crack that password must begin in earnest.
No Mnemonic/Seed Phrase Offered
From the step-by-step guide from Bitcoin Bulls above, it’s clear that there was no mnemonic/seed phrase offered during the Ethereum presale. The mnemonic/seed phrase, sometimes referred to as a mnemonic sentence, recovery phrase, or backup phrase is a code containing between 12 and 24 words that can assist you in recovering a cryptocurrency wallet.
Some people who participated in the Ethereum crowdsale indicate that they got a mnemonic during the presale. However, the mnemonic didn’t work.
What If Something Goes Wrong?
As can be seen in the Williams’ case, who say they have $6 million locked away, things could go wrong during the presale. Some people claimed that there were errors when using certain characters in your password, such as a parenthesis.
One Reddit user who goes by the name BitttBurger writes, “They failed to mention that if you put a parenthesis in your password, you’re screwed. It won’t unlock.” The same forum participant adds, “If any of you have a parenthesis in your password, and you can’t unlock it, find the command to do a password change. Then it should work.”
Others dispute that certain characters in the password resulted in errors when attempting to access the wallet files. They indicate that all you needed were 10+ characters with a combination of capital and small letters, numerals, and some special symbols.
Buterin addressed passible issues in a July 2014 blog post that focused on solutions for people who forgot to download their wallets, wanted to find ways of remembering their passwords, or required a guarantee that ETH was purchased.
Buterin informed buyers that a backup wallet would be sent to the email address provided by the buyer. However, he had a message for those who entered a fake address and at the same time forgot to download their wallet: “unfortunately, you have no recourse.”
Another critical issue was addressed in the Ether sale FAQ section regarding whether buyers could use a card, bank transfer, or PayPal to buy ETH. The Ether Community Forum informed buyers that “The only method of payment accepted is Bitcoin.”
The Ether Community Forum also referred to fraudulent campaigns designed to deceive potential ETH purchasers. The site added, “The only place where Ether can be purchased is https://www.ethereum.org/ (note carefully the address in your browser bar, and ensure it says ‘https’ when purchasing Ether).”
What Wallets Could Have Been Used to Open an Ethereum Presale Wallet?
Considering that the Ethereum presale took place more than seven years ago, many things have changed and today’s files for storing keys are different. This means that the specific file you received when you participated in the presale may not work.
The good news, though, is that there are several wallets that you can use to claim any value you may still have in your presale wallet. Two of the leading wallets that have great reviews are MyEtherWallet.com and MyCrypto.com.
There is a helpful thread on Reddit where forum members provide some guidance on how to use wallets like MyCrypto.com safely. Some forum members recommend downloading the wallet’s app, transferring it to a flash drive, and then installing it on an offline computer, saying it’s much safer that way.
Recovering Your Presale Wallet
From the insights above, it’s clear that the only way to recover your Ethereum presale wallet is by having the wallet file and the password. However, we all know that you have read this far because you don’t have the password. So, let’s look at how you can generate a list of passwords as you try to access the value in your wallet.
To develop a useful list of possible passwords, you will need to invest time and research effort. Basically, the process of generating a list of possible passwords can be divided into two main categories. The first involves using the minimum password requirements to narrow down your search. The second is based on techniques to nudge your brain to remember the password.
We already know that your Ethereum presale wallet password must include at least 10 characters. You had to have at least one capital letter, one lowercase letter, one special character, and a digit among these characters.
This provides you with an excellent place to start because it removes passwords with less than 10 characters. It also removes the possibility that your forgotten password consisted only of special characters, small letters, capital letters, or digits.
Techniques to Remember Your Password
Now that you know the password requirements you had to follow when you created your password, let’s look at how the human brain works when creating passwords:
- Many people use a similar password for different digital accounts.
- Although individuals may use different passwords for different digital accounts, these passwords usually share the same components.
- Numbers and characters usually appear towards the end of a password.
Individuals who attempt to hack digital accounts often take advantage of how people think when creating passwords. This is why you would often be advised to avoid thinking in the way described above when creating a password. However, if indeed you used the above-mentioned way of thinking when you created your Ethereum wallet presale password, you may have an advantage this time.
If you are like many of us, there is a possibility that the password you used for your Ethereum presale wallet has the same components as other passwords you created at that time. Therefore, it’s vital to look at other passwords you have created and try to identify patterns, asking yourself several questions:
- Are there common words you use, such as the name of the area where you live, your friends or family members’ names, or sports teams?
- When you select numbers, do you tend to use birthdays or days on which special occasions happened, double digits or single digits?
- Which character do you often think of first when selecting special characters?
Another area where you could look is your browser’s password manager. If you allowed your browser to save the password, you should be able to find it there. However, had this been the case, you would have probably started there before trying anything else.
Rein in the Madness
Now that you know where to start and have a list of possible passwords, it’s time to create a testing plan. Begin by creating a spreadsheet containing all the passwords that you can remember. This is where you will start to see emerging patterns that could assist you in understanding how you think when creating passwords.
However, it’s vital to ensure that you keep that spreadsheet secure so that no unauthorized person can access it, and remember to delete it from all folders, including the recycle bin, as soon as you’re done.
Your plan should be based on your insights from studying the patterns that emerge from the spreadsheet that you have created. Ask questions about the patterns that emerge? Do you notice some patterns that repeatedly appear when you use words, numbers, or characters to create passwords?
If you discover several patterns from your spreadsheet, create several batches of passwords related to each pattern and start trying each batch. If you’re lucky, you may find your Ethereum presale password. If not, don’t give up; breathe in and start a new batch using another pattern.
Because this is essentially a guessing game, you may run out of ideas before gaining access to your presale wallet. If this is where you find yourself, don’t give up yet; it’s time to find help.
CryptoAssetRecovery.com can use its experience to help recover your wallet. In most cases, all you need to do is provide a copy of your wallet and your best guesses of your password. The service will attempt to “brute force” your password using your password guesses.