CustodyStress
Archive › Structural patterns › Forgotten Passphrase
Part of the CustodyStress archive of observed Bitcoin custody incidents

Forgotten Passphrase

Cases where a Bitcoin wallet passphrase was forgotten. Forgotten passphrases are the most common single trigger in the archive — distinct from passphrases that were never recorded or that were recorded but lost. In these cases, the holder knew the passphrase at setup but could not recall it when needed. The forgotten-passphrase pattern reveals a specific custody failure dynamic: the passphrase was set during onboarding — often as a required step in hardware wallet setup — and never tested or documented. Most forgotten-passphrase cases occur years after setup, when the passphrase has faded from memory and no written record exists. Password bruteforce recovery is the most commonly attempted path, with success rates that depend heavily on how much the holder remembers about their original passphrase construction.

111 cases match this pattern in the archive. Among cases with a determinate outcome, 48% resulted in permanently blocked access, 43% in recovered access, and 10% in constrained recovery. 69% of cases in this pattern involved software wallet. Hardware wallet cases account for 4% of forgotten-passphrase incidents; software wallet cases account for 69%.

Browse archive Archive statistics Scenarios Dependencies About
19
Blocked
4
Constrained
17
Survived
71
Indeterminate

57% of determinate cases resulted in blocked or constrained access.

111 observed cases
Blocked
19 (17%)
Constrained
4 (4%)
Survived
17 (15%)
Indeterminate
71 (64%)
Blockchain.info Hosted Wallet Recovery: Password Reset via Seed Phrase (2013)
Exchange custody
Survived 2013
PandaNL opened a Blockchain.info hosted wallet in 2013 and over several years forgot the account password. The user retained three critical pieces of recovery i
BitcoinTalk User syuyu Locked Out of Wallet With ~32-Character Passphrase (January 2014)
Software wallet
Indeterminate 2013
In January 2014, a BitcoinTalk user known as 'syuyu' posted in an encrypted wallet recovery thread describing a locked software wallet they could no longer acce
1990 BTC Forgotten Passphrase: Pakistani Investor's Failed Recovery Attempts (2013)
Software wallet
Indeterminate 2013
In November 2013, a BitcoinTalk forum user identified as 'Britman' disclosed a significant custody failure affecting 1990 BTC accumulated throughout 2012 at pri
Blockchain.info 2013–2014 Wallet Access Failure: Encrypted Files, Lost Password, Functional Recovery Phrase
Exchange custody
Indeterminate 2013
User 'marvin42' created Bitcoin wallets via blockchain.info in 2013 or 2014 and retained two AES-encrypted backup files dated 28 February 2014 and 22 April 2013
Rahazan Develops and Shares PowerShell Wallet Recovery Script (2013)
Software wallet
Indeterminate 2013
In 2013, a BitcoinTalk user identifying as Rahazan faced a common early custody problem: an encrypted Bitcoin-Qt wallet with a forgotten passphrase. Rather than
BitcoinTalk User kentt Recovers Encrypted Wallet via Community Brute-Force Script (June 2013)
Software wallet
Survived 2013
In June 2013, BitcoinTalk user kentt posted confirmation of a successful wallet recovery using community-developed brute-force scripts circulated in topic 85495
SP4RK7 Locked Out of Protoshares Wallet: Single-Character Password Error, Recovery Bounty Offered
Software wallet
Indeterminate 2013
On November 30, 2013, BitcoinTalk user SP4RK7 posted in the encrypted wallet recovery thread describing a Protoshares wallet locked with encryption that appeare
BitcoinTalk User ez1btc: Encryption Password Transcription Error Blocks Large Bitcoin Wallet
Software wallet
Indeterminate 2012
In the encrypted wallet recovery thread on BitcoinTalk, user 'ez1btc' documented a custody failure rooted in transcription error rather than forgetfulness. At t
Anonymous Reddit User: 7,500 BTC Inaccessible Due to Forgotten Wallet Password
Software wallet
Blocked 2012
An anonymous Reddit user posted in 2014 about a significant custody failure: he had purchased approximately 7,500 Bitcoin in 2012 and stored them in an encrypte
Fiyasko's Forgotten Passphrase: Mining Savings Lost to Single Point of Failure (2012)
Software wallet
Indeterminate 2012
In December 2012, a Bitcoin miner operating under the username Fiyasko (also known as JackRabiit) created a dedicated savings wallet to store one month of accum
Brainwallet Passphrase Mismatch — Address Generation Failure After Fund Transfer
Software wallet
Indeterminate 2012
In December 2012, a BitcoinTalk user identified as 'thoughtfan' encountered a critical custody failure after using brainwallet.org to generate a Bitcoin address
Stefan Thomas and 7,002 Bitcoin: Locked Behind a Forgotten Passphrase
Hardware wallet (single key)
Blocked 2011
Stefan Thomas held 7,002 Bitcoin stored on an encrypted hard drive containing the private keys. Access to the device required a passphrase that Thomas had forgo
Bitcointalk User Locked Out of Encrypted 2011 Wallet — Passphrase Unrecoverable
Software wallet
Blocked 2011
In early 2013, a Bitcointalk user posted in the Bitcoin Technical Support section describing their inability to access an encrypted wallet created approximately
Brad Yasar: Early Miner Locks Out Thousands of BTC Across Multiple Drives
Software wallet
Blocked 2011
Brad Yasar, a Los Angeles-based entrepreneur, mined thousands of Bitcoin on several desktop computers during the earliest years of the network when solo mining
2010 Mining Pool Wallet.dat: Passphrase Lost After Decade of Storage
Software wallet
Indeterminate 2010
Between 2010 and 2011, the source participated in Bitcoin pool mining and retained the resulting wallet.dat file on a local system. The wallet remained untouche
Kristoffer Koch Recovers 5000 BTC After Forgotten Wallet Password — 2013
Software wallet
Survived 2009
Kristoffer Koch, a Norwegian engineering student, encountered Bitcoin in late 2009 while researching encryption for his university thesis. Intrigued by the emer
7500 BTC Permanently Locked on IronKey Device After Passphrase Loss
Hardware wallet with passphrase
Blocked
A British engineer encrypted approximately 7500 BTC on an IronKey device, a third-party encrypted storage solution designed with progressive lockout mechanisms
Forgotten Electrum Wallet and Zip Archive Passwords — Multiple Encrypted Backups Inaccessible
Software wallet
Indeterminate
In December 2024, a BitcoinTalk user identified as 'fanya' disclosed a multi-year custody failure rooted in encryption key loss rather than theft or technical c
Forgotten Bitcoin Wallet Passphrases: Forum Cases of Successful Third-Party Recovery (2014–2021)
Software wallet
Survived
Between 2014 and 2021, seven Bitcoin holders posted testimonials on a forum documenting their recovery of wallets encrypted with forgotten passphrases. Cases ra
Armory 0.88.1 Wallet Passphrase Loss: 50 BTC Access Blocked
Software wallet
Indeterminate
A BitcoinTalk user posting as vect0rz reported losing access to an Armory version 0.88.1 wallet containing over 50 BTC. The encrypted wallet file and chain code
Stefan Thomas: 7,200 Bitcoin Inaccessible Behind IronKey Passphrase
Hardware wallet with passphrase
Blocked
Stefan Thomas, former Chief Technology Officer of Ripple, stored 7,200 BTC on an IronKey encrypted hard drive. The drive implemented a deliberate security const
Second Password Lost on Blockchain.com Wallet: 0.34 BTC Inaccessible for 8 Years
Exchange custody
Blocked
Approximately eight years before disclosure, the user created a Blockchain.com hosted wallet using the platform's dual-password security model. This architectur
TrueCrypt-Encrypted Wallet.dat: Partial Passphrase, Uncertain Recovery Path
Software wallet
Indeterminate
A Bitcoin and Litecoin miner from the early 2014 era encrypted his wallet.dat file inside a TrueCrypt volume, motivated by security paranoia despite acknowledgi
Passphrase Recovery Success and OPSEC Failure: 2014 WalletRecoveryServices Case
Software wallet
Survived
A Bitcoin holder in 2014 created private keys but lost the passphrase required to access them. The funds remained locked for an unknown duration until the owner
241 BTC Trezor Custody Loss: Forgotten PIN and Failed Seed Recovery
Hardware wallet (single key)
Indeterminate
A Bitcoin holder transferred 241 BTC to a Trezor hardware wallet in late 2015, securing it with a 9-digit PIN. The user documented the seed phrase and initially
← Previous
12345
Next →
Structural patterns
No Backup Existed Passphrase Never Recorded Device Discarded Recovery Attempted, Access Still Blocked Coercion — Forced Transfer Estate and Inheritance Failures Technical Recovery Succeeded Legal Proceedings as Recovery Path Exchange Bankruptcy Authority Without Access Multisig Quorum Failure Seed Phrase Recorded But Lost Shared Dependency Failure All cases
Other structural patterns
No Backup Existed Passphrase Never Recorded Device Discarded Recovery Attempted, Access Still Blocked Coercion — Forced Transfer Estate and Inheritance Failures Technical Recovery Succeeded Legal Proceedings as Recovery Path Exchange Bankruptcy Authority Without Access Multisig Quorum Failure Seed Phrase Recorded But Lost Shared Dependency Failure
Terms guide
Outcome terms
Survived
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Assessment terms
Survivability
The degree to which a custody system maintains the possibility of authorized recovery under stress.
Archive inclusion criteria

This archive documents cases where a legitimate owner, heir, or authorized party encountered barriers accessing or recovering Bitcoin due to a failure in the custody arrangement. The central question for inclusion is: did the custody structure fail a legitimate access or recovery attempt?

Inclusion requirements

A case must satisfy all three of the following to be included:

  1. Legitimate access attempt. The person attempting to access or recover the Bitcoin was the owner, a designated heir, an executor, a legal authority, or another party with a legitimate claim — not a thief, attacker, or unauthorized third party.
  2. Custody structure failure. The failure was caused by a property of the custody arrangement — missing credentials, structural dependencies, documentation gaps, knowledge concentration, legal barriers, or institutional constraints — not market conditions, individual-level fraud or theft, or protocol-level issues. Platform-level failures that block legitimate user access are in scope regardless of their cause.
  3. Documentable outcome or access constraint. The case must have a stated or inferable outcome: access blocked, access constrained, access delayed, or access eventually achieved through a recovery path. Cases with entirely unknown outcomes are included only where the structural failure is documented and the constraint is unambiguous.
In scope
  • Owner death or incapacity — Bitcoin held in self-custody that becomes inaccessible to heirs or designated parties because credentials, documentation, or operational knowledge were not transferred
  • Passphrase loss — BIP39 passphrase forgotten or unavailable, blocking access to a funded wallet even where the seed phrase is present
  • Seed phrase or wallet backup unavailable — no independent recovery path existed or the backup was destroyed, lost, or never created
  • Device loss without independent backup — hardware wallet, phone, or computer lost or destroyed with no recovery path outside the device
  • Documentation absent or ambiguous — heirs or executors cannot determine that Bitcoin exists, which wallet holds it, or how to access it
  • Knowledge concentration — only one person knew the procedure, passphrase, or access method; that person is dead, incapacitated, or unreachable
  • Multisig quorum failure — a threshold signature arrangement cannot be completed because signers are unavailable, uncooperative, incapacitated, or have lost their keys
  • Legal authority / access mismatch — a court order, probate ruling, or power of attorney establishes legal entitlement but provides no technical path to access
  • Institutional custody barrier — exchange or platform hacks, insolvency, regulatory seizure, or operational failure that caused a access constraint or failure for legitimate users, whether temporary, prolonged, or permanent. The failure of the custodian to remain available or solvent is itself the in-scope event.
  • Forced relocation or geographic constraint — physical access to a device or location required for recovery is blocked by displacement, border restrictions, or political circumstances
  • Coercion — the holder was compelled under threat to transfer Bitcoin or disclose credentials during an access event
  • Hidden asset discovery — heirs or executors locate a wallet or account but cannot access it due to missing credentials or operational knowledge
Out of scope
  • Market losses, investment losses, yield scheme losses, or Ponzi scheme losses
  • Hacks or theft targeting an individual's personal security (phishing, SIM swap, social engineering, malware) where the custody architecture itself did not fail
  • Unauthorized transfers where the holder's custody system was not the cause of the failure
  • Ordinary transaction mistakes — wrong-address sends, fee errors, mistaken amounts
  • Protocol-level failures — cryptographic vulnerabilities, consensus bugs, firmware integrity failures
  • Deliberate burns or tribute burns
  • Cases where the stated loss is unverifiable and no structural custody failure is described
Source and verification

Cases are drawn from public sources including forum posts, news reporting, court documents, academic research, and direct submissions. Each case is reviewed against the inclusion criteria above before publication. Source material is retained and available on request for documented cases.

The archive is observational and descriptive. It does not attempt to document all Bitcoin custody failures — only those meeting the criteria above with sufficient documentation to describe the structural failure and its outcome.

Original text
Rate this translation
Your feedback will be used to help improve Google Translate