CustodyStress
Archive › Browse by trigger and outcome › Forgotten Passphrase — Blocked
Part of the CustodyStress archive of observed Bitcoin custody incidents
Forgotten_passphraseBlocked

Forgotten Passphrase — Blocked

Cases where a forgotten passphrase resulted in permanently blocked access. These cases represent the limit of password recovery: the passphrase was not reconstructable through bruteforce or partial memory recall.

19 cases in this intersection. 100% of determinate cases resulted in a blocked outcome. The most common recovery path is no path available.

Archive analysis — 19 cases
Outcomes
100% of determinate cases resulted in blocked access — 31 percentage points above the archive-wide average of 69%. Only 0% resulted in recovered access — one of the lower survival rates in the archive.
Custody type
42% of cases involved software wallet, followed by hardware wallet with passphrase at 32%.
Primary stress condition
89% of cases involve passphrase unavailable. Vendor lockout accounts for a further 5%.
Documentation
37% of cases had present and interpretable documentation — yet still produced a blocked or constrained outcome.
Scale
16% of cases involved large or very large holdings (10+ BTC).
Time distribution
Cases span 2011–2023. Only 5% occurred in 2022 or later — concentrated in earlier periods.
Browse archive Archive statistics Scenarios Dependencies About
19
Blocked
0
Constrained
0
Survived
0
Indeterminate

100% of determinate cases resulted in blocked or constrained access.

19 observed cases
Blocked
19 (100%)
Coldlar Pro3 Hardware Wallet: Valid Seed Phrase Insufficient Without Payment Password
Hardware wallet with passphrase
Blocked 2023
On December 4, 2023, a Bitcoin user identified as zzzccc posted to BitcoinTalk describing a critical custody access failure involving a Coldlar Pro3 hardware wa
Dash Core Wallet Passphrase Forgotten: Permanent Access Loss
Software wallet
Blocked 2017
In April 2017, a BitcoinTalk forum user identified as 'Ramchandra' posted describing a custody failure involving a Dash Core software wallet. The user had encry
Blockchain.com Wallet (2016): Partial Password Recovery Attempt, Seed Phrase Absent
Exchange custody
Blocked 2016
The subject created a Blockchain.com account in 2016 and deposited approximately 0.03 BTC (valued at roughly $20 at 2016 exchange rates of $600/BTC). Immediatel
Encrypted Bitcoin Core Wallet Loss: Forgotten Passphrase, Selective Key Export Failure
Software wallet
Blocked 2015
In October 2015, forum user phantitox reported recovering a wallet.dat file from a damaged hard drive, only to discover the passphrase protecting the encrypted
Forgotten Blockchain.info Password: Client-Side Encryption Locks €100 Bitcoin Permanently
Exchange custody
Blocked 2015
On September 17, 2015, a Blockchain.info user with the forum username Seporstia posted requesting help recovering access to a hosted wallet after forgetting the
Forgotten Passphrase and Overwritten Wallet.dat: 0.50 BTC Permanently Lost
Software wallet
Blocked 2015
In May 2015, BitcoinTalk user grovearmada discovered they had lost access to an encrypted Bitcoin wallet containing 0.50 BTC (approximately $115–120 USD at 2015
Anonymous Reddit User: 7,500 BTC Inaccessible Due to Forgotten Wallet Password
Software wallet
Blocked 2012
An anonymous Reddit user posted in 2014 about a significant custody failure: he had purchased approximately 7,500 Bitcoin in 2012 and stored them in an encrypte
Stefan Thomas and 7,002 Bitcoin: Locked Behind a Forgotten Passphrase
Hardware wallet (single key)
Blocked 2011
Stefan Thomas held 7,002 Bitcoin stored on an encrypted hard drive containing the private keys. Access to the device required a passphrase that Thomas had forgo
Bitcointalk User Locked Out of Encrypted 2011 Wallet — Passphrase Unrecoverable
Software wallet
Blocked 2011
In early 2013, a Bitcointalk user posted in the Bitcoin Technical Support section describing their inability to access an encrypted wallet created approximately
Brad Yasar: Early Miner Locks Out Thousands of BTC Across Multiple Drives
Software wallet
Blocked 2011
Brad Yasar, a Los Angeles-based entrepreneur, mined thousands of Bitcoin on several desktop computers during the earliest years of the network when solo mining
7500 BTC Permanently Locked on IronKey Device After Passphrase Loss
Hardware wallet with passphrase
Blocked
A British engineer encrypted approximately 7500 BTC on an IronKey device, a third-party encrypted storage solution designed with progressive lockout mechanisms
Stefan Thomas: 7,200 Bitcoin Inaccessible Behind IronKey Passphrase
Hardware wallet with passphrase
Blocked
Stefan Thomas, former Chief Technology Officer of Ripple, stored 7,200 BTC on an IronKey encrypted hard drive. The drive implemented a deliberate security const
Second Password Lost on Blockchain.com Wallet: 0.34 BTC Inaccessible for 8 Years
Exchange custody
Blocked
Approximately eight years before disclosure, the user created a Blockchain.com hosted wallet using the platform's dual-password security model. This architectur
Second Password Lost on Blockchain.info — 0.3 BTC Rendered Inaccessible
Exchange custody
Blocked
A Bitcoin holder maintained approximately 0.3 BTC on Blockchain.info, a popular web-based wallet service that was standard during the early-to-mid 2010s. The ac
1 BTC Locked Behind Forgotten Electrum Passphrase: Professional Cracking Effort Failed
Software wallet
Blocked
A Reddit user received 1 BTC and secured it using Electrum, a popular Bitcoin desktop wallet, with a password-protected encrypted file. The user later forgot th
Stefan Thomas: 7,002 Bitcoin on IronKey S200, Passphrase Lost, 2 Attempts Remaining
Hardware wallet with passphrase
Blocked
Stefan Thomas possessed an IronKey S200 USB drive containing the private keys to 7,002 Bitcoin, worth approximately $235 million at the time of public reporting
Developer Locked Out of $240 Million Bitcoin After Forgetting Hardware Wallet Passphrase
Hardware wallet with passphrase
Blocked
A cryptocurrency developer became unable to access approximately $240 million in Bitcoin stored on a hardware wallet after forgetting the device's passphrase. T
BlueWallet Password Lock Prevents Seed Phrase Restoration
Software wallet
Blocked
A BlueWallet user set a password to protect their wallet, then forgot it. Standard custody protocol suggested the recovery seed phrase—held safely in written fo
Stefan Thomas: 7,002 Bitcoin Inaccessible on IronKey With 2 Password Attempts Remaining
Hardware wallet with passphrase
Blocked
Stefan Thomas, a German-born software developer based in San Francisco, accumulated 7,002 Bitcoin over years of work in the technology sector. In the early-to-m
Browse by trigger and outcome
Physical Coercion — Blocked Institutional Failure — Blocked Institutional Failure — Constrained Device Discarded — Blocked Forgotten Passphrase — Survived Physical Coercion — Survived File Deleted — No Backup — Blocked All cases
Terms guide
Outcome terms
Survived
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Assessment terms
Survivability
The degree to which a custody system maintains the possibility of authorized recovery under stress.
Archive inclusion criteria

This archive documents cases where a legitimate owner, heir, or authorized party encountered barriers accessing or recovering Bitcoin due to a failure in the custody arrangement. The central question for inclusion is: did the custody structure fail a legitimate access or recovery attempt?

Inclusion requirements

A case must satisfy all three of the following to be included:

  1. Legitimate access attempt. The person attempting to access or recover the Bitcoin was the owner, a designated heir, an executor, a legal authority, or another party with a legitimate claim — not a thief, attacker, or unauthorized third party.
  2. Custody structure failure. The failure was caused by a property of the custody arrangement — missing credentials, structural dependencies, documentation gaps, knowledge concentration, legal barriers, or institutional constraints — not market conditions, individual-level fraud or theft, or protocol-level issues. Platform-level failures that block legitimate user access are in scope regardless of their cause.
  3. Documentable outcome or access constraint. The case must have a stated or inferable outcome: access blocked, access constrained, access delayed, or access eventually achieved through a recovery path. Cases with entirely unknown outcomes are included only where the structural failure is documented and the constraint is unambiguous.
In scope
  • Owner death or incapacity — Bitcoin held in self-custody that becomes inaccessible to heirs or designated parties because credentials, documentation, or operational knowledge were not transferred
  • Passphrase loss — BIP39 passphrase forgotten or unavailable, blocking access to a funded wallet even where the seed phrase is present
  • Seed phrase or wallet backup unavailable — no independent recovery path existed or the backup was destroyed, lost, or never created
  • Device loss without independent backup — hardware wallet, phone, or computer lost or destroyed with no recovery path outside the device
  • Documentation absent or ambiguous — heirs or executors cannot determine that Bitcoin exists, which wallet holds it, or how to access it
  • Knowledge concentration — only one person knew the procedure, passphrase, or access method; that person is dead, incapacitated, or unreachable
  • Multisig quorum failure — a threshold signature arrangement cannot be completed because signers are unavailable, uncooperative, incapacitated, or have lost their keys
  • Legal authority / access mismatch — a court order, probate ruling, or power of attorney establishes legal entitlement but provides no technical path to access
  • Institutional custody barrier — exchange or platform hacks, insolvency, regulatory seizure, or operational failure that caused a access constraint or failure for legitimate users, whether temporary, prolonged, or permanent. The failure of the custodian to remain available or solvent is itself the in-scope event.
  • Forced relocation or geographic constraint — physical access to a device or location required for recovery is blocked by displacement, border restrictions, or political circumstances
  • Coercion — the holder was compelled under threat to transfer Bitcoin or disclose credentials during an access event
  • Hidden asset discovery — heirs or executors locate a wallet or account but cannot access it due to missing credentials or operational knowledge
Out of scope
  • Market losses, investment losses, yield scheme losses, or Ponzi scheme losses
  • Hacks or theft targeting an individual's personal security (phishing, SIM swap, social engineering, malware) where the custody architecture itself did not fail
  • Unauthorized transfers where the holder's custody system was not the cause of the failure
  • Ordinary transaction mistakes — wrong-address sends, fee errors, mistaken amounts
  • Protocol-level failures — cryptographic vulnerabilities, consensus bugs, firmware integrity failures
  • Deliberate burns or tribute burns
  • Cases where the stated loss is unverifiable and no structural custody failure is described
Source and verification

Cases are drawn from public sources including forum posts, news reporting, court documents, academic research, and direct submissions. Each case is reviewed against the inclusion criteria above before publication. Source material is retained and available on request for documented cases.

The archive is observational and descriptive. It does not attempt to document all Bitcoin custody failures — only those meeting the criteria above with sufficient documentation to describe the structural failure and its outcome.