BitLocker Password Recovery
- BitLocker Password by Thegrideon Software is an advanced password recovery tool for BitLocker encrypted volumes and BitLocker to Go protected devices (such as internal and external hard drives and USB flash drives).
- BitLocker Password works with password protected volumes only.
- You may also check Password Search FAQ.
BitLocker Password Recovery Features:
- Several attacks can be configured and queued:
- advanced mixed attacks for precise search range setup:
- multi-position modifications to cover modern password policies;
- simple modifications: add part(s) copy, add reversed copy, etc.
- typing errors generation;
- brute-force attacks based on a charset and length selected:
- optional limit on a number of equal chars;
- number ranges (e.g. 1-31, 1-12, 2003-2018, etc.);
- dictionary attacks with modifications (several wordlists are included):
- password in reverse, capitalized, uppercased, lowercased;
- adjustable mixed-case mode;
- predefined or custom char replacements: Aa with 4, Oo with 0, Ii with !, etc.
- advanced keyboard layouts-aware recovery technique;
- "Save passwords to a file" option to verify search settings, generate new wordlist, etc.
- Highly optimized code (SSE, AVX, AVX2, AVX-512) guarantees best performance.
- Utilizes NVIDIA and AMD Graphics processing units with a high-performance methods.
- Utilizes modern integrated GPUs as well.
- Supports up to 64 simultaneous processing threads (multi-CPU, multi-GPU).
- Audio, script or web address based post-search notification.
- Windows 7 - Windows 10 (including XTS-AES encryption).
BitLocker encrypted volumes are protected with 256-bit long random Master keys. Master keys are saved several times encrypted with different access keys (e.g. Recovery key, TPM key, Password to unlock based key, etc.). Most Access keys are 128-256 bit long random numbers and there is no way to brute-force them directly in any realistic timeframe, thus user supplied password to unlock is the weakest point usually. Password to unlock is optional (set by default for BitLocker to Go removable volumes).
BitLocker Password allows you to search for volume password to unlock if it was set. Password verification is extremely compute-intensive (about 2 millions of SHA256 calculations per password), thus recovery speed is limited and fast CPU / GPU hardware is required to achieve a good recovery speed. With BitLocker Password you can queue several attacks including mixed attacks (combinations of dictionary, brute-force and fixed parts) to exploit known password details (parts and patterns) and limit search range and time.
Note: Direct disk access is required in order to read BitLocker encryption records. Most systems requires program to be started with evaluated privileges in order to access such records. You can right-click BitLocker Password shortcut and click "Run as administrator" to allow low-level access. Volume encryption records can be exported to a file to be processed later or on another PC.
The final password recovery speed is equal to CPUspeed + GPU(1)speed + ... + GPU(N)speed.
For example: Intel i3 + integrated HD 4400 GPU + AMD R9 270 = 16 + 7 + 275 = ~300 p/s (passwords per second).
|Intel® Core™2 Duo
T7500 @ 2.20GHz
|Intel® Core™ i3
2100 @ 3.10GHz
|Intel® Core™ i3
4130 @ 3.40GHz
|Amazon EC2 "c5.large"
Xeon® Platinum core
|~4 p/s||~8 p/s||~16 p/s||~25 p/s|
Modern integrated GPUs (like Intel HD and Iris Graphics) can be used for password recovery acceleration. Integrated GPUs are not as powerful as dedicated (discrete) devices and often overlooked but can add up to 30% to CPU performance.
Compute units or stream multiprocessors (CU, SM, SMX, SMM) are the main building blocks of GPU calculation power, thus 32xCU GPU card is almost 2 times faster than 16xCU GPU card of the same family and architecture running on the same frequency.
For cards with compute capability sm_35 (Kepler 2.0) and above (Maxwell, Pascal, Volta, Turing) you can expect approximately 20-25 p/s per every SM running at 1000Mhz. Test results below are shown to be very close to this estimation.
|GT 640 (sm_35)
2xSMX, 1045 MHz
|GTX 470 (sm_20)
14xSM, 625 MHz
|Tesla K80 (sm_37)
2x13xSMX, 875 MHz
|Tesla V100 (sm_70)
80xSM, 1245 Mhz
|+ 40 p/s||+ 95 p/s||+ 500 p/s||+ 2 700 p/s|
AMD GPUs are very "password recovery friendly" and consistent with architecture change from VLIW5 to VLIW4 and now to GCN. You can expect approximately 15 p/s per every CU running at 1000Mhz.
10xCU, 850 Mhz
20xCU, 945 MHz
36xCU, 1266 MHz
|RX Vega 64
64xCU, 1500 MHz
|+ 140 p/s||+ 270 p/s||+ 700 p/s||+ 1 400 p/s|
It is important to mention that AMD and NVIDIA architectures are quite different and although AMD per CU performance is lower, there are more CUs per card in a similar price range. Moreover GPU performance is somewhat variable with number of factors including GPU/CPU combination and even a driver version. Please contact us if your recovery speed is noticeable different from the data above.
Trial version can be used to check format and hardware compatibility. It allows you to setup and test run any password search for up to 15 min per run. Recovered passwords are hidden behind the asterisks.