ERROR: Failed to read the key from store:... Cannot recover key on Android Studio when generating Signed APK

Question

I am trying to generate release apk for my new game. Even though I updated one of my other app just 3 days ago keystore had no problem at all. I am absolutely sure I remember my passwords correctly. Because when I give wrong passwords it says your password or username is incorrect.

Here's what I'm doing:

And here's what I'm getting:

Please help me what am I doing wrong here? Android studio updated 2 days ago. Do you think it would cause this problem? What should I do? Any help will be very much appreciated...

I actually had read this post Android Studio: cannot recover key before I post this question. I tried to do as he shown in his answer though I faced with this prompt: "file tampered with or password is incorrect". Now that I know that password is absolutely correct. I'm afraid I'll never be able to update my apps again.

Answer 1

Got succes after following @joshgoldeneagle reply. The prompt gave me the alias passowrd only but using the -w feature i got a key with both passwords setted to the recovered password.

"-w saves the certificate in a new Keystore with same password as key"

java -jar AndroidKeystoreBrute_v1.06.jar -m 3 -k "full path to your keystore.jks" -d wordlist.txt -w

Answer 2

After some, R&D I got solution

that your "Key store password" and your "Key password" need to be the same.

Answer 3

I recommend you run a smart word list attack on the alias password using this tool here:

http://maxcamillo.github.io/android-keystore-password-recover/

1. Download the JAR file for this project using the URL above.

2. Create a text file called wordlist.txt with the words and strings that make up your password, in the order you think they appear. Put each string that you think is part of your password on a separate line. Do not leave blank lines in between each string. You may need to tinker with the wordlist.txt several times in this process to crack the password. You may also try all the variations of what you think is your password that you can possible think of.

3. Save wordlist.txt to the same folder as the JAR file.

4. From command line, navigate to the directory that contains the wordlist.txt and the JAR file.

5. At the command line type: java -jar AndroidKeystoreBrute_v1.06.jar -k "full path to your keystore.jks" -d wordlist.txt to see the available options. You may want to try and use different options than what I used in my testing.

6. Run java -jar AndroidKeystoreBrute_v1.06.jar -m 3 -k "full path to your keystore.jks" -d wordlist.txt

The -m option specifies the method used to crack your password: 1 = brute force attack (could take weeks, months or longer) 2 = dictionary attack (your password must be in the dictionary) 3 = smart word list attack (strings that you specified in wordlist.txt)

I tested this for my own alias password many times and with many different variations in wordlist.txt, and it either cracked my password in less than 1 second or didn't find the password at all. Since you believe your alias password is the same as your key store password, this procedure should help you find both passwords.

Of course I know my password so I knew what strings to put in that would work. But since you are fairly certain your remember your password, the smart word list attack should quickly find your password if it is actually a close variation of what you remember.

Good luck!!

In future you may want to store your password in a password manager, and always copy and paste passwords. Human memory is great for remembering general ideas, and completely unreliable for remembering exact items or details.