BitLocker Password Recovery
BitLocker Password by Thegrideon Software is an advanced password recovery tool for BitLocker encrypted volumes and BitLocker to Go protected devices (such as internal and external hard drives, USB flash drives, etc.). BitLocker Password can be used to search for user-set passwords to unlock only. You may also check Password Search FAQ.
BitLocker Password Recovery Features:
- BitLocker records can be loaded from local disks as well as from partition / disk images.
- Several attacks can be configured and queued:
- advanced mixed attacks for precise search range setup:
- multi-position modifications to cover modern password policies;
- simple modifications: add part(s) copy, add reversed copy, etc.
- typing errors generation;
- brute-force attacks based on a charset and length selected:
- limit number of equal, capital or special chars or digits;
- number ranges (e.g. 1-31, 1-12, 2003-2018, etc.);
- dictionary attacks with modifications (several wordlists are included):
- password in reverse, capitalized, uppercased, lowercased;
- adjustable mixed-case mode;
- predefined or custom char replacements: Aa with 4, Oo with 0, Ii with !, etc.
- advanced keyboard layouts-aware recovery technique;
- "Save passwords to a file" option to verify search settings, generate new wordlist, etc.
- Highly optimized code (SSE, AVX, AVX2, AVX-512) guarantees best performance.
- Utilizes NVIDIA and AMD Graphics processing units with a high-performance methods.
- Utilizes modern integrated GPUs as well.
- Supports up to 64 simultaneous processing threads (multi-CPU, multi-GPU).
- Audio, script or web address based post-search notification.
- Windows 7 - Windows 10 (including XTS-AES encryption).
BitLocker Password allows you to scan local drives and attached USB devices for BitLocker encryption records. Administrative privileges are required for direct disk access in order to read BitLocker encryption records. Encryption records loaded can be exported to a file to be processed later or using different PC. BitLocker Password can also be used to scan partition and drive image files for BitLocker volumes. Number of Backup / Imaging / Cloning tools or bootable Live USB / CD / SD toolkits can be used to create byte-for-byte partition or disk copy (image, clone) if direct mount is not an option (unremovable, voids warranty, etc.).
BitLocker encrypted volumes are protected with 256-bit long random Master keys. Master keys are saved several times encrypted with different access keys (e.g. Recovery key, TPM key, Password to unlock based key, etc.). Most Access keys are 128+bit long random numbers and there is no way to brute-force them directly in any realistic timeframe, thus user supplied password to unlock is the weakest point. Password to unlock is required by default for BitLocker to Go removable volumes and optional for internal disks.BitLocker Password allows you to search for volume password to unlock if it was set. Password verification is extremely compute-intensive (about 2 millions of SHA256 calculations per password), thus recovery speed is limited and a good CPU / GPU hardware is required to achieve fast recovery speed. With BitLocker Password you can queue several attacks including advanced mixed attacks (combinations of dictionary, brute-force and fixed parts) to exploit known password details (parts and patterns) and limit search range and time.
The final password recovery speed is equal to CPUspeed + GPU(1)speed + ... + GPU(N)speed.
For example: Intel i3 + integrated HD 4400 GPU + AMD R9 270 = 16 + 7 + 275 = ~300 p/s (passwords per second).
|Intel® Core™2 Duo
T7500 @ 2.20GHz
|Intel® Core™ i3
2100 @ 3.10GHz
|Intel® Core™ i3
4130 @ 3.40GHz
|Amazon EC2 "c5.large"
Xeon® Platinum core
|~4 p/s||~8 p/s||~16 p/s||~25 p/s|
Modern integrated GPUs (like Intel HD and Iris Graphics) can be used for password recovery acceleration. Integrated GPUs are not as powerful as dedicated (discrete) devices and often overlooked but can add up to 30% to CPU performance.
Compute units or stream multiprocessors (CU, SM, SMX, SMM) are the main building blocks of GPU calculation power, thus 32xCU GPU card is almost 2 times faster than 16xCU GPU card of the same family and architecture running on the same frequency.
For cards with compute capability sm_35 (Kepler 2.0) and above (Maxwell, Pascal, Volta, Turing) you can expect approximately 20-30 p/s per every SM running at 1000Mhz. Test results below are shown to be very close to this estimation.
|GT 640 (sm_35)
2xSMX, 1045 MHz
|GTX 470 (sm_20)
14xSM, 625 MHz
|Tesla K80 (sm_37)
2x13xSMX, 875 MHz
|Tesla V100 (sm_70)
80xSM, 1245 Mhz
|+ 40 p/s||+ 95 p/s||+ 500 p/s||+ 2 700 p/s|
AMD GPUs are very "password recovery friendly" and consistent with architecture change from VLIW5 to VLIW4 and now to GCN. You can expect approximately 15 p/s per every CU running at 1000Mhz.
10xCU, 850 Mhz
20xCU, 945 MHz
36xCU, 1266 MHz
|RX Vega 64
64xCU, 1500 MHz
|+ 140 p/s||+ 270 p/s||+ 700 p/s||+ 1 400 p/s|
It is important to mention that AMD and NVIDIA architectures are quite different and although AMD per CU performance is lower, there are more CUs per card in a similar price range. Moreover GPU performance is somewhat variable with number of factors including GPU/CPU combination and even a driver version. Please contact us if your recovery speed is noticeable different from the data above.
Trial version can be used to check format and hardware compatibility. It allows you to setup and test run any password search for up to 15 min per run. Recovered passwords are hidden behind the asterisks.