Login/Register
How to handle a lost KeyStore password in Android?
Asked Answered
Solved androidkeystore
K

43

137

I have forgotten my Keystore password and I don't really know what to do anymore (I can't or won't give any excuses for it). I want to update my app because I just fixed a bug but it's not possible anymore. What happens if I use the same Keystore but create a new key? Would I still be able to update the app and if it's not possible, how can I go about giving information to users about the updated version?

If anybody has had a problem like this or has come across troubles, what advice can you give to help remedy the situation? Fortunately, it is a free app.

Kristofor answered 22/5, 2011 at 18:12 Comment(5)
Zach Klippenstein on Google+ had the same issue like you. You can follow the thread here.Carrell
If you're using React Native, you can find it in gradle.propertiesNephogram
npmjs.com/package/keystore-password-recoveryHers
You only need the keystore password if you want to generate a keypair or use it, e.g. to generate a CSR.Chlorobenzene
@Chlorobenzene What are you talking about? You need the key to sign the apk.Swagerty
P
52

See this link

It's unfortunate, but when you lose your keystore, or the password to your keystore, your application is orphaned. The only thing you can do is resubmit your app to the market under a new key.

ALWAYS backup up your keystore and write the passwords down in a safe location.

Pettus answered 22/5, 2011 at 18:27 Comment(11)
so the best i can do is just upload another version of the application and try to give a description from the title or from the previous app or something like that. right?Kristofor
Indeed, just unpublish your current app and replace it with a new version with the same title and description, and hope your users will eventually find it. Make sure you write your password down this time around ;)Pettus
You have 3 tries to get it right. If on the third try you're wrong you need to close the wizard and reopen it. Even if you enter the correct password on the 4th try it will tell you that it's wrong. I found this out by trying to run keytool via the command line and observing its retry limit.Zombie
@Pettus if I lost my keystore password, can I just upload via bundle? or for this, I need the password too?Haden
almost did this until i remembered i had my details on key.properties.Heterotopia
You can create a new jks file and ask google to let you sign your previous app with itScraper
@RahulGaur how do ask you google for that, is there a special form?Ambrosine
@Ambrosine check this, also this is the main article, search "lost" on 2nd linkScraper
@RahulGaur Have you done it before or it is just your wild guess that Google will care about it?Rhyme
@Rhyme I have did it long time ago, it took like a week going back and forth with google chat support providing evidence and all. But at the end they gave me option to sign my app with a new keyScraper
THIS IS WRONG, you can request for upload key reset! developer.android.com/studio/publish/…Eventually
I
269

Just encountered this problem myself - luckily I was able to find the password in some Gradle's temporary file. Just in case anyone lands here:

try looking for this file

..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin

or

.gradle/3.5/taskHistory/taskHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/caches/5.1.1/executionHistory/executionHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/3.5/taskHistory/taskHistory.bin
.gradle/2.10/taskArtifacts/taskArtifacts.bin

and search for

storePassword

It was there in cleartext. In general, if you do remember at least a part of your password, try searching for a file containing this substring and hopefully you will fish out something.

Wanted to throw it out here, maybe it will eventually help someone.

Edit: Added new insight from comments, just to be more visible. Edit 2: Added some more locations reported in comments.

Thanks to Vivek Bansal, Amar Ilindra and Uzbekjon for these.

Issuance answered 10/11, 2015 at 7:11 Comment(23)
Thank you very much! I searched for Release, which got me around the right line, then searched for parts of the password I could think of and there it was in text! (whew)!Lobotomy
Give this man a medal... For others to find password faster : Search for ".keyPassword" a few times and you will see your password. Thank you so much @EldoRado1239 :)Saum
thank you x1000, just in case anyone else still has issues after getting the password using this method, note @Fr3eSKo's answer (close the wizard and open it again and it should work)Tournedos
try .storePasswordHavard
hi, what command did you use to see the line? I am using find . | xargs grep "abc" and it shows the name of the binary file that matches, but how do I see the line? I tried find . | xargs grep -a "abc" and that doesn't work. thanksInsolent
Well I used Notepad++ to open that file and search for the part of the password I knew. It should be preceded by this string, if it helps you - "signingConfig.storePassword" - then a couple of controls chars and the password is right after a DC3 (Device Control 3, ascii 19)Issuance
If you're on OSX/Linux, you can run this to easily get the stored password entries: strings taskArtifacts.bin | grep storePassword -A1 And by the way, thanks ElDoRado1239 -- you just saved me big time.Dehorn
In case you can't find the above path, try this one ..Project\.gradle\3.5\taskHistory\taskHistory.binPyrargyrite
I have found my password in taskHistory.bi. in between signingConfig.storePassword and packagingOptions.pickFirst.Sublease
You literally saved me. Mine was after signingConfig.storePasswordScuta
Help I can find any of the mentioned directories in 5.1.1 gradleWorkshop
For Gradle 5.1 the filename is .gradle/5.1.1/executionHistory/executionHistory.bin.Conation
For ubuntu users with gradle 5.1.1 or later, try strings .gradle/5.1.1/executionHistory/executionHistory.bin | grep storePassword -A1Boyfriend
this is worked for me on windows os and i had to try all gradle versions because i did not know what version i used to build signed apk and i tried 'storePassword' and find-next a couple of time to get to password value . thank you . android studio 3.5.1 // gradle v 4.10.3 , 5.4.1Simpatico
Great for me it was a search for this "signingConfig.storePassword" , God Bless youAdvertence
If storePassword search fails try also '.storePassword', 'release' or '.keypassword'Hydnocarpate
Mine was in .gradle/2.10/taskArtifacts/taskArtifacts.bin, alleluia! Thank you so much!!!Ambrosine
how to search through the bin file? opening as a text file?Tuberculosis
Inside /.gradle/5.6.4/executionHistory/executionHistory.bin I am getting signingConfig.signingConfigData.storePasswordHash. Hash is not a cleartext password. Is there anything I can do to get the password ?Wilhelminawilhelmine
Wow great answer :) You saved my life. In my case it was in .gradle/3.5/taskHistory/taskHistory.binMaxiemaxilla
@Afsaredrisy I have the same problem. Did you find a solution?Bumboat
Update for future readers. Obviously this won't work anymore, Google encrypts the password / the password is now stored as a hash.Luther
Still works for me. Android Studio v4.2.2. So dodge. But useful.Qktp
P
52

See this link

It's unfortunate, but when you lose your keystore, or the password to your keystore, your application is orphaned. The only thing you can do is resubmit your app to the market under a new key.

ALWAYS backup up your keystore and write the passwords down in a safe location.

Pettus answered 22/5, 2011 at 18:27 Comment(11)
so the best i can do is just upload another version of the application and try to give a description from the title or from the previous app or something like that. right?Kristofor
Indeed, just unpublish your current app and replace it with a new version with the same title and description, and hope your users will eventually find it. Make sure you write your password down this time around ;)Pettus
You have 3 tries to get it right. If on the third try you're wrong you need to close the wizard and reopen it. Even if you enter the correct password on the 4th try it will tell you that it's wrong. I found this out by trying to run keytool via the command line and observing its retry limit.Zombie
@Pettus if I lost my keystore password, can I just upload via bundle? or for this, I need the password too?Haden
almost did this until i remembered i had my details on key.properties.Heterotopia
You can create a new jks file and ask google to let you sign your previous app with itScraper
@RahulGaur how do ask you google for that, is there a special form?Ambrosine
@Ambrosine check this, also this is the main article, search "lost" on 2nd linkScraper
@RahulGaur Have you done it before or it is just your wild guess that Google will care about it?Rhyme
@Rhyme I have did it long time ago, it took like a week going back and forth with google chat support providing evidence and all. But at the end they gave me option to sign my app with a new keyScraper
THIS IS WRONG, you can request for upload key reset! developer.android.com/studio/publish/…Eventually
U
51

Brute is your best bet!

Here is a script that helped me out:

https://code.google.com/p/android-keystore-password-recover/wiki/HowTo

You can optionally give it a list of words the password might include for a very fast recover (for me it worked in <1 sec)

Ugaritic answered 20/2, 2014 at 22:23 Comment(4)
Unfortunately it didn't work for me. I gave a list of words and I later found out it was three of these words in a certain order, but I had to figure it out myself. Thanks for sharing though, glad it helped other peopleErwin
It worked for me flawlessly! only 10 secs with the correct dictionaryDoubtless
It worked for recovering the password for the key inside, but what can I do if I also lost the password for the keystore itself? @kiruwka said that's not a problem in his answer... did he actually mean it?Rusticate
That tool was a life saver for me. I vaguely remembered the password but it was not in correct sequence. Providing a list of words helped me in "<1 Sec". Thanks a lot <3Erlineerlinna
T
44

In case a wrong password is provided, even just once, it keeps saying on next attempts:

Keystore tampered with or password incorrect.

Even when you provide the correct one. I tried it several times, maybe it's some kind of protection.
Close the export wizard and start it again with the correct password, now it works :)

Troytroyer answered 19/9, 2012 at 18:5 Comment(2)
what do you mean "close the export wizard"Botanize
what is export wizard?Koslo
C
30

Go to taskHistory

Finally i found the solution after spending two days...

Follow these steps:

  1. Go to project
  2. In .gradle find your gradle version folder in my case it was 4.1 (Refer pic)
  3. expand the 4.1 folder and then in taskHistory folder you will find taskHistory.bin file.
  4. Open taskHistory.bin file in android studio itself.
  5. Search for ".storePassword" .. That's it you got your keystore password.

This really worked to me.

Try this and happy coding!!!

Chappelka answered 15/3, 2018 at 6:33 Comment(1)
Using Android 3.5.3, unfortunately the .bin file doesn't have any relevant information.Fluorescent
A
24

SOLUTION 2019 (Windows, Android Studio 3.3, gradle 4.10):

This solution only works if "Remember password" checkbox was previously marked.

First of all taskArtifacts.bin don't exist for this version of gradle and idea.log shows asterisks for passwords. This was old days solutions that doesn't worked to me.

Where I found the clear text passwords: C:\Users\{username}\AndroidStudioProjects\{project}\app\build\intermediates\signing_config\release\out\signing-config.json

Keys: mStorePassword and mKeyPassword.

I really hope it helps someone else.

Adolpho answered 31/1, 2019 at 17:45 Comment(3)
Can confirm it's still working on AS 3.5.3 - thank you!Fluorescent
There isn't any folder called signing_configDistraction
As of 2023, this solution still works. Thank you!Chapell
F
20

On a MAC launch Console utility and scrolled down to ~/Library/Logs -> AndroidStudio ->idea.log.1 (or any old log number) Then I searched for "keystore" and it should appear somewhere in the logs.

Original question: link

Fire answered 15/12, 2015 at 3:47 Comment(2)
this saved my life at a client - all the other options werent' avialable because we used some gulp script in combination with an cordova/phonegapp applicationDrusy
I could not find it using "keystore" but using "key.password"Enfold
M
18

In fact, losing thekeystore password is not a problem.
You can create a new keystore and set a new password for it with the keytool command below. You don't need original keystore password for it:

keytool -importkeystore -srckeystore path/to/keystore/with/forgotten/pw \
-destkeystore path/to/my/new.keystore

When prompted, create password for your new.keystore and for source keystore password (which you lost) just hit Enter.
You will get warning about integrity not checked, and you will get your new.keystore identical to original with newly set password.

The reason this works is keystore password is only used to provide integrity of the keystore, it does not encrypt data with it, in contrast to private key password, which actually keeps your private key encrypted.

Please note, that you must know your private key password to sign your apps. Well, if it is same as forgotten keystore password then you can resort to bruteforce as in @Artur's answer.

This approach always worked for me.

Mill answered 5/11, 2013 at 15:46 Comment(5)
I tried this and it makes you enter a password for the destination. If you keep pressing enter it will tell you to try again later after 3 tries.Zombie
@TheMuffinMan sorry, did not entirely get your problem. Did you manage to create new keystore with new keystore pw ?Mill
This gets me a new keystore, but when I try to use that new keystore, I get the error message jarsigner: key associated with mykey-release not a private key. Am I missing something?Gilthead
@Gilthead I'm facing the same issue. Please did you find a solution ?Housman
You can't obtain private keys from the old keystore without the password.Chlorobenzene
U
13

I feel I need to make it an answer because this could not be just in comments. Like @ElDoRado1239 says in his answer (dont forget to upvote his answer ;)

  • Looks for ..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin in my case was in ..Project\.gradle\2.2.1\taskArtifacts\taskArtifacts.bin because I use gradle 2.2.1
  • Then look for storePassword like @Moxet Khan says in comments...in my case was at line signingConfig.storePassword¬í t my.forgoten.password—signingConfig.keyAlias

Hope help somebody else!!!

Unmade answered 14/3, 2016 at 18:4 Comment(0)
P
13

The simplest way to get a keystore password

project_folder\app\build\intermediates\signing_config\release\out\signing-config.json

Check out this file search for StorePassword in signing-config.json

{"mName":"externalOverride","mStoreFile":"C:\\Users\\dAvInDeR\\Desktop\\KEYSTORE\\keystore.jks","mStorePassword":"1234@#abcd","mKeyAlias":"uploadkey","mKeyPassword":"1234@#abcd","mStoreType":"jks","mV1SigningEnabled":false,"mV2SigningEnabled":false}

Hope fully it will help you.

Update: Sep 2022 It won't work with the latest version

Pulmonary answered 17/4, 2020 at 4:33 Comment(2)
This is literally the last password which you tried, could be user tried different password. Then they will get the wrong passwordGiblet
Its the last generated APK password only, and all the time that json file gets changed while you generate new apkInvolute
A
12

Fortunately, I found my lost password along with the keystore path and alias name from my Android studio logs.

if you are running linux / Unix based machines.

Navigate to Library Logs directory

cd ~/Library/Logs/

in there if you remember your android studio version which you used to build the last release APK. Navigate to that Directory

ex : cd AndroidStudio1.5/

In there you will find the log files. in any of the log files (idea.log) you will find your keystore credentials

example 

-Pandroid.injected.signing.store.file=/Users/myuserid/AndroidStudioProjects/keystore/keystore.jks, 
-Pandroid.injected.signing.store.password=mystorepassword, 
-Pandroid.injected.signing.key.alias=myandroidkey, 
-Pandroid.injected.signing.key.password=mykeypassword,

I hope this helps for Android Studio users

Alewife answered 10/5, 2016 at 8:38 Comment(2)
I think this doesn't work on AndroidStudio3.0 all the info shows up as ******* with the same length for both keystore password and key password.Unpack
This is exactly where I found my password, thanks for the post. I also edited the answer above. These two locations are saviors, I hope in the future Keystore Tool in Android Studio warns user to save the password as they would need it a year or 2 years after for another release.Happygolucky
S
11

It may be bit late but it will help someone for sure You can search password if you remember something otherwise try searching like

signingConfig.storePassword

also if you forgot key alias you can find here that also search something like signingConfig.keyAlias

Project.gradle\3.3\taskArtifacts\taskArtifacts.bin

Hope it will help someone

Scofflaw answered 19/11, 2017 at 17:13 Comment(0)
C
10

After spending almost a day in researching the possible options for recovering the lost keystore password in Android Studio. I found the following 4 possible ways to do it:

  1. Use AndroidKeystoreBrute to retrieve your password. This method is quite useful when you partially forgot your password means you still have some hints of your password in your mind.

  2. You can also retrieve it through Android Studio log files if you have previously released the app(for which you finding the keystore password) with the same machine. Refer to the following directory:

    Mac OSX

    ~/Library/Logs/AndroidStudio/idea.log.1

    Linux (Possible Location)

    /home/user_name/AndroidStudio/system/log

    Windows (Possible Location)

    C:\Users\user_name\AndroidStudio\system\log

    and search for Pandroid.injected.signing.key.password inside the file. You gonna see the password if you have previously signed the app with the same Android Studio version in which you are looking currently.

  3. You can also retrieve the password through .gradle directory of your project. Look for the following path

    project_directory/.gradle/2.4/taskArtifacts/taskArtifacts.bin.

    Note: This doesn't seem to work for newer versions of Gradle (2.10 and above).

  4. If none of the above solutions works then you can try this one but for this one also you must have Android Studio IDE app or It's preferences in which your project keystore password have been saved earlier (Using the Remember password option at the time of signing the app). You can get the IDE preferences from the following path:

    Mac OSX

    ~/Library/Logs/AndroidStudio/idea.log.1

    Linux (Possible Location)

    /home/user_name/AndroidStudio

    Windows (Possible Location)

    c:\user\username\.AndroidStudio

    Just use the older Android Studio IDE if you have or import the preferences of the old IDE into new IDE and also put the keystore file in the same path where it was previously when you had signed it and save the password last time.

    In this way once you open the project and try the Build->Generate Signed APK and select the keystore file from the older location. It will automatically retrieve the password and continue to generate the signed APK for release.

    Once the release APK generates successfully you can follow the option 2 mentioned earlier to check your password from you log file for the recently generated release APK.

Casease answered 19/9, 2016 at 10:55 Comment(2)
I have found the idea.log.1. How can I open it?Berger
You guys are life savers. Found mine in idea.log.12 - just open it as txt!Eal
D
9

For anyone else who may run across this, I wanted to share an answer that may be the case for you or for others browsing this article (like myself).

I am using Eclipse and created my keystore in it for my 1.0 release. Fast forward 3 months and I wanted to update it to 1.1. When I chose Export... in Eclipse and chose that keystore, none of my passwords that I could remember worked. Every time it said "Keystore tampered with or password incorrect." It got to a point where I was getting ready to run a brute force program on it for as long as I could stand (a week or so) to try to get it to work.

Luckily, I to sign my unsigned .apk file outside of Eclipse. Voila - it worked! My password had been correct the entire time! I'm not sure why, but signing it in Eclipse through the Export menu was reporting an error even when my password was correct.

So, if you're getting this error, here are my steps (taken from Android documentation) to help you get your apk ready for the market.

NOTE: To get unsigned apk from Eclipse: Right-click project > Android Tools > Export Unsigned Application

  1. Sign unsigned apk file with keystore

    a. open administrator cmd prompt and go to "c:\Program Files\Java\jdk1.6.0_25\bin" or whatever version of java you have (where you have copied the unsigned apk file and your keystore)

    b. at cmd prompt with keystore file and unsigned apk in same directory, type this command: jarsigner -keystore mykeystorename.keystore -verbose unsigned.apk myaliasnamefromkeystore

    c. it will say: "Enter Passphrase for keystore:". Enter it and press Return.

    d. ===> Success looks like this: 

    adding: META-INF/MANIFEST.MF
...
signing: classes.dex

    e. the unsigned version is overwritten in place, so your signed apk file is now at the same file name as the unsigned one

  2. Use ZipAlign to compact the signed apk file for distribution in the market

    a. open admin cmd prompt and go to "c:\AndroidSDK\tools" or wherever you installed the Android SDK

    b. enter this command: zipalign -v 4 signed.apk signedaligned.apk

    c. ===> Success looks like this:

    Verifying alignment of signedaligned.apk (4)
50 META-INF/MANIFEST.MF (OK - compressed)
...
1047129 classes.dex (OK - compressed)
Verification succesful

    d. the signed and aligned file is at signedaligned.apk (the filename you specified in the previous command)

========> READY TO SUBMIT TO MARKETPLACE

Devotion answered 12/1, 2012 at 4:23 Comment(2)
The reason you received an error about the password being incorrect is that the keyalg/sigalg/digestalg that is implicitly set was wrong. Different versions of Java have different defaults for these values.Phylissphyll
I was hell tensed when eclipse rejected my password, but it worked when I tried with your way, thank you !Gambrinus
Q
9

I'm surprised no one has mentioned this, but you can go to Google Play developer support, and they will work with you to create a new upload key:

https://support.google.com/googleplay/android-developer/contact/otherbugs

I filled an issue, and they contacted me within 1 day.

Update: After following their email instructions I was able to create a new upload key, and it was enabled a few days later! Problem solved.

Qnp answered 10/8, 2020 at 20:34 Comment(4)
You can always create a new keystore and new keypair with just the keytool, let alone Google Play. Doesn't answer the question that was asked.Chlorobenzene
You can always create a new keystore and keypair, but you can't replace the ones for your app unless you talk to Google Play. This is far better than submitting a new app under a new name, which the top answer suggests.Qnp
And of course the only condition for this is that you enabled Play App Signing with google play, when you uploaded your first apk. Otherwise this is not going to do the jobErrolerroll
Brute force is never a good idea, especially if you really chose a good password. On top of that. I don't know what crazier, using foreign software from the net to crack your own password or spending unlimited time brute-forcing.Luther
F
7

First download AndroidKeystoreBrute_v1.05.jar and then follow the given image.enter image description here

prepare one wordlistfile like(wordlist.txt), in that file give your hint like

Password Hint:

users

Users

Password

password

pa55word

Password

@

*

#

$

&

1

2

123

789

U will get your password.

Fiden answered 22/1, 2016 at 5:26 Comment(1)
my android studio remember my jks password.Android studio build new release successfully.But when i change laptop it does not remember and i forgot the jks password.please help me how to recoverGamber
C
5

Adding this as another possibility. The answer may be right under your nose -- in your app's build.gradle file if you happened to have specified a signing configuration at some point in the past:

signingConfigs {
    config {
        keyAlias 'My App'
        keyPassword 'password'
        storeFile file('/storefile/location')
        storePassword 'anotherpassword'
    }
}

Do you feel lucky?!

Chrysalid answered 8/5, 2018 at 1:41 Comment(1)
after adding this where do i find the password?Tunstall
D
4

I had the same problem at once. Even though with App signing by Google Play, loosing keystore or it's password is not a big deal like earlier, Still as a developer we rather prefer to change it's password and use a generated keystore file without waiting for few days to google to handle it. ( To handle this issue with google use this link to make a request) To handle this issue by ourselves, First download two .java files from this link. Then compile the ChangePassword.java by javac ChangePassword.java command. Then after you may run 

java ChangePassword <oldKeystoreFileName.keystore> <newKeystoreFileName.keystore>

Change oldKeystoreFileName.keystore with the path/ name of your current keystore file, and newKeystoreFileName.keystore with path/name for the new generated new keystore file. This will promot you to

Enter keystore password:

. Just enter whatever you prefer :) no need to be the original password that lost. Then Enter the new password with *

new keystore password:

  • Voila, that's it. This won't change the checksum of your keystore and won't make any issues in app signing or uploading to play.google events.
Drawer answered 3/8, 2018 at 8:36 Comment(3)
@SIW, I change my password by creating a new keystore using the old with ChangePassword. When I want to sign I got key associated with my alias not a private keyHousman
It pop up Cannot recover key error when I tried thisGothar
Hi there - this tool was good in that it allowed me to access the keystore with a new "Key store password" - thank you. BUT, I also don't know the password for the specific "Key" - is this a problem? Can I make a new key alias and still sign my app and get it into the appstore on the same position?Scene
S
4

IF you're able to build your app from a PC, but you don't recall the password, here's what you can do to retrieve the password:

Method 1:

In your build.gradle, add println MYAPP_RELEASE_KEY_PASSWORD as below:

signingConfigs {
    release {
        if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
            storeFile file(MYAPP_RELEASE_STORE_FILE)
            storePassword MYAPP_RELEASE_STORE_PASSWORD
            keyAlias MYAPP_RELEASE_KEY_ALIAS
            keyPassword MYAPP_RELEASE_KEY_PASSWORD
            println MYAPP_RELEASE_KEY_PASSWORD
        }
    }
}

After that, run cd android && ./gradlew assembleRelease

Method 2:

Run keytool -list -v -keystore your <.keystore file path> e.g. keytool -list -v -keystore ./app/my-app-key.keystore.

It will ask for you to Enter keystore password: Just press enter key here. and you will be able to find mapped to Alias name:

Then, run grep -rn "<your alias name>" . in your terminal and you will be able to see your signing.json file as below:

./app/build/intermediates/signing_config/release/out/signing-config.json

The file will have your password in json format with key "mKeyPassword":" < your password > "

Spelldown answered 25/9, 2019 at 9:23 Comment(0)
A
3

SOLUTION 2018: Sign app with new keystore file if you missing password or jks file.

1) Create new keystore.jks file with comand line (not android studio build menu)

keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks

Windows example: "C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore "C:\keystore_new.jks"

2) Generate a .pem file from new keystore

keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks

Windows example: "C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -export -rfc -alias upload -file "C:\upload_cert.pem" -keystore "C:\keystore_new.jks"

3) Use this support form, set "keystore problem" and with attachment add .pem file: https://support.google.com/googleplay/android-developer/contact/otherbugs

4) 12-48h you new keystore is enabled. Update your app on playstore with new apk signed with new keystore :D

Amenable answered 7/7, 2018 at 0:15 Comment(1)
I think it is for those who opt google app sign in option?Hoard
N
3

Open taskHistory.bin and search for storePassword

Newmann answered 16/3, 2019 at 13:42 Comment(1)
Not getting anything associated with "storePassword" on that fileInvolute
U
3

In Ionic I was able to find it here: /app/platforms/android/app/build/intermediates/signing_config/release/out/signing-config.json

Maybe this will help someone. cheers.

Undergraduate answered 15/1, 2020 at 9:28 Comment(0)
I
3

Just to simplify things here, this solution works in 2020 for gradle ver: 5.4.1

Open the file: project\.gradle\5.4.1\executionHistory.bin

Key Store password:

Search for "storePassword" text

For Key Password:

Search for "keyAlias" text

After search check for the password in the same line or the next line.

Infallible answered 2/10, 2020 at 19:42 Comment(2)
In my case : project\gradle\4.1\taskHistory\taskHistory.bin did the job for me.Thanks.Milliner
This is hashed in Gradle 6.5Frink
A
3

There is a way you can reset your password.

Go to this link, Describe your issue (Forgot KeyStore Password) and generate a token. https://support.google.com/googleplay/android-developer/contact/otherbugs

If you are lucky then within 1 hour you will get a replay. (Generally, it takes up to 2 days).

You will need to generate a new key and upload_certificate.pem and send it to google to reset. Yow will be given instruction in the mail.

To generate upload_certificate.pem go to android studio terminal and type :

keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Angele answered 26/3, 2021 at 9:22 Comment(0)
B
2

Android brute force will not work if your both the passwords are different so the best option might be like that try to find the file named as

log.idea

in your C:/users/your named account then you might found that in there in android folder open that file lpg.idea in notepad and then search for

alias

using find option in notepad you will find it that the password and alias and alias passwors has been shown there

Boardinghouse answered 28/2, 2016 at 16:39 Comment(1)
It should be idea.log.Crook
A
2

I have found the password in 

C:\Users\{Username}\.AndroidStudio2.2\system\log\idea.txt

Search for

Pandroid.injected.signing.store.password
Amygdalin answered 27/3, 2017 at 11:3 Comment(0)
P
2

Go to taskhistory.bin in .gradle folder of your project search password scroll down till you find the password

Pedaias answered 3/3, 2019 at 6:7 Comment(0)
S
2

Today 2/2/2021, I can find my pw in the file name "executionHistory.bin". Let you open it by notepad++ and search for key keyPassword. See the attached picture below.

https://i.stack.imgur.com/NNHFA.png

Sheya answered 2/2, 2021 at 16:38 Comment(1)
This method doesn't work anymore. All I see is the word Hash, like so many others now.Trackandfield
I
1

To summarise there are 3 answers to this question (and the solution is not given by the accepted answer):

  1. If you have your logs intact, then you can find the password in the Android Studio log files as per Georgi Koemdzhiev's answer above.

  2. You can retrieve the password from the 'taskArtifacts.bin' file in your .gradle directory as per ElDoRado1239's and Gueorgui Obregon's answers above. This doesn't seem to work for newer versions of Gradle (2.10 and above).

  3. Use AndroidKeystoreBrute to guess or bruteforce your password as per Srinivas Keerthiprakasam's answer above.

All these 3 solutions are covered in-depth at this link.

Inordinate answered 24/7, 2016 at 11:47 Comment(0)
B
1

No need to use brute force a simple way is to find your plain text password.

goto:

C:\Users\<your username>\AndroidStudioProjects\WhatsAppDP\.gradle\2.2.1\taskArtifacts

Open:

taskArtifacts.bin

when you open taskArtifacts.bin might look encrypted, don't worry about that search for ".keyPassword" a couple times. Then you will find your password in plain text. It may resemble:

signingConfig.keyPassword¬í t <your password>Æù

Hope this was helpful.

Biz answered 27/7, 2016 at 3:51 Comment(0)
B
1

C:\Users\admin\AndroidStudioProjects\TrumpetTVChannel2.gradle\2.14.1\taskArtifacts\taskArtifacts.bin

1st try to create new keystore....then open taskArtifacts.bin with notepad and look for password that you just given....you will able to figure out words near to password that you just given then search for these words near to your password in same file....you will able to figure out the password.....:)

Broth answered 23/6, 2017 at 19:15 Comment(0)
F
1

If Nothing work try these line. Move to the path where .jks is stored. Run this command in command prompt. It will ask for password, ignore that and press enter.

keytool -list -keystore sample.jks

Forespeak answered 25/1, 2018 at 16:22 Comment(1)
This does not provide either the password or any keypairs that are stored in the keystore, which is what the question is about.Chlorobenzene
D
1

I know that this question is AGES old but I saw many answers who were basically saying brute-force is the way to go, which is simply not true because devs usually have a strong and long password, which can't be brute-forced that easily, also it takes days and you have to have your computer running 24/7, so my solution is simple - Contact the support, they will even generate a new key for you, it's the fastest solution you will get.

Doorkeeper answered 6/6, 2020 at 0:21 Comment(0)
O
0

In my case I was getting the alias name wrong, even though I stored the correct password. So I thought it was the wrong password (using ionic package) so i used this command to get the alias name

keytool -list -v -keystore

And I was able to use the keystore again!

Oenone answered 21/9, 2016 at 3:9 Comment(1)
Because you discovered the correct alias. Doesn't answer the question that was asked.Chlorobenzene
I
0

Well to look up for lost keystore password you can try this, For me the following solution worked pretty well.

find the idea log files in ~/Library/Logs/AndroidStudio2.0. You can also locate these by opening Android Studio-> Help->Show Log in File manager.

Open the idea.log file. Note: There may be multiple files named idea.log.1, idea.log.2 etc. Look through each of them till you find the password.

Search for “Pandroid.injected.signing.key.password” and you can see the key password.

Hope it helps...

Isbell answered 9/1, 2017 at 10:21 Comment(1)
Also stored in encrypted / non-cleartext form -> "*******"Luther
S
0

I have experienced same problem, I have tried below steps to solve the problem :-

  1. Create sign apk with creating new keystore and new password.

  2. Now create again sign apk by using your old keystore (keystore used at the time of previous apk build upload) but now use new keystore password.

  3. Now definitely you will create successfully sign apk using old keystore.

    • Hope this solution will help you..
Sebaceous answered 6/4, 2017 at 6:40 Comment(0)
E
0

In my case I had upgraded my Android Studio from 2.3 to 3.0.1, When I trying to generate a signed apk for a new update I got "Keystore was tampered with, or password was incorrect" error. I had my previous Keystore and I was absolutely sure of the password, using them I had updated the app before a couple of times. After searching a lot none of the solutions worked for me. Here is what I did.

  • Opened another project.
  • Imported my project using File/New/Import Project
  • Once Gradle was built I tried to generate a signed apk. Build/Generate signed APK
  • Clicked on "Choose Existing" and provided the path to my Keystore.
  • typed in my key store password
  • selected the key alias
  • typed in my key password (In my case both key store password and key password are the same)
  • Clicked next and provided a path for the new Apk and checked both checkboxes.
  • New APK got generated successfully.

Hope this helps anyone.

Empedocles answered 21/12, 2017 at 12:22 Comment(0)
C
0

If you are a Mac user try checking out the Keychain Access application. My password was saved there under Passwords named org.jetbrains.android.exportSignedPackage.KeystoreStep$KeyStorePasswordRequestor. Alternatively, you can search in the Keychain Access for android to find the password in the Keychain app.

Not sure how the password ended up there though. But I don't recall myself putting it there. So must be Android Studio. Hope this is helpful.

Note: don't forget to Rebuild Project or Clean Project before you try signing with an updated password. Otherwise, Android Studio may fail to build the apk though the password is correct.

Circumnutate answered 7/6, 2019 at 15:12 Comment(0)
I
0

I faced the same problem also tried various methods to recover . Either I was wrong with "Keystore Password" or "Alice Name", or may be with ".JKS" name. So I was not sure about that, what is wrong though I tried all the methods above but unable to track back .

  • There is one technical method I found helpful is Link from Linkedin.

  • Or you can ask help from Google Playstore Support Team in case none of the methods are working i.e. : Google Playstore Help . Login with you registered email address from where you submitted your android app in Google Playstore, mention proper Developer ID, name, Project Package name as per the real, while submitting the application form through the link.

Hope anyone of the those link will be helpful for you.

Involute answered 9/5, 2020 at 15:19 Comment(1)
Thanks - this allowed me to reset the Keystore password. Is there also a way I can reset the Ley password inside?Scene
B
0

Android Keystore Password Recovery tool helped me 100% but it takes too much time. (For my case it takes my whole night to recover my password.)

Blender answered 14/9, 2020 at 8:6 Comment(0)
S
0

You can contact Google Play Console Support with this issue and they will be able to reset the keystore for you to a new keystore. Then you will be able to publish future updates without having to to change the package name, and therefore you will be able to continue to be able to update the same app.

In the play console click the help button at the top > Scroll down to heed more help and click "Contact Us" > Type in you need help with a Keystore Reset > Click "next step" > Click "Upload key reset request" > Click "Contact Google Play Developer Support" > Then choose a contact method to contact them to reset it for you.

Strawboard answered 19/1, 2021 at 10:0 Comment(0)
C
0

Alternatively, if the password was previously used in AndroidStudio but you don't remember it, you can retrieve the passwords from your Mac's keychain.

Steps:

  1. Launch "Keychain Access"
  2. Search for jetbrains
  3. Open the rows by double clicking on them.
  4. In the details dialog, click on show password. You will have to enter your login again to unlock the keychain.

Tada!

Carder answered 26/8, 2021 at 13:5 Comment(0)
Z
0

Yes it is possible if you have Play Signing enables. First to check if you have Play Signing turned on login to the console, select the app and then select "App Integrity" from the menu, on that page you will see an app signing tab. If it is switched on that you can follow the instructions here: https://support.google.com/googleplay/android-developer/answer/9842756 see the section called "Lost or compromised upload key"

Hope this helps Ben

https://support.google.com/googleplay/android-developer/thread/208735127/i-forgot-the-keystore-password-for-my-application-is-it-possible-to-reset-the-keystore-pass-thanks?hl=en

Zeal answered 6/6, 2023 at 16:4 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.