可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
I have forgotten my keystore password and I don't really know what to do anymore (I can't or won't give any excuses for it). I want to update my app because I just fixed a bug but its not possible any more. What happens if I use the same keystore but create a new key? Would I still be able to update the app and if it's not possible, how can I go about giving information to users about the updated version?
If anybody has had a problem like this or has come across troubles, what advice can you give to help remedy the situation? Fortunately, it is a free app.
回答1:
See this link
It's unfortunate, but when you lose your keystore, or the password to your keystore, your application is orphaned. The only thing you can do is resubmit your app to the market under a new key.
ALWAYS backup up your keystore and write the passwords down in a safe location.
回答2:
Just encountered this problem myself - luckily I was able to find the password in some Gradle's temporary file. Just in case anyone lands here, try looking for
..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin
It was there in cleartext. In general, if you do remember at least a part of your password, try searching for a file containing this substring and hopefully you will fish out something.
Wanted to throw it out here, maybe it will eventually help someone.
回答3:
In case a wrong password is provided, even just once, it keeps saying on next attempts:
Keystore tampered with or password incorrect.
Even when you provide the correct one. I tried it several times, maybe it's some kind of protection.
Close the export wizard and start it again with the correct password, now it works :)
回答4:
Brute is your best bet!
Here is a script that helped me out:
https://code.google.com/p/android-keystore-password-recover/wiki/HowTo
You can optionally give it a list of words the password might include for a very fast recover (for me it worked in <1 sec)
回答5:
On a MAC launch Console utility and scrolled down to ~/Library/Logs -> AndroidStudio ->idea.log.1 (or any old log number)
Then I searched for "keystore" and it should appear somewhere in the logs.
Original question: link
回答6:
In fact, loosing keystore password
is not a problem.
You can create new keystore and set new password for it with the keytool command below. You don't need original keystore password for it:
keytool -importkeystore -srckeystore path/to/keystore/with/forgotten/pw \
-destkeystore path/to/my/new.keystore
When prompted, create password for your new.keystore
and for source keystore password (which you lost) just hit Enter.
You will get warning about integrity not checked, and you will get your new.keystore identical to original with newly set password.
The reason this works is keystore password
is only used to provide integrity of the keystore
, it does not encrypt data with it, in contrast to private key password
, which actually keeps your private key encrypted.
Please note, that you must know your private key password
to sign your apps. Well, if it is same as forgotten keystore password
then you can resort to bruteforce as in @Artur's answer.
This approach always worked for me.
回答7:
Fortunately, I found my lost password along with the keystore path and alias name from my Android studio logs.
if you are running linux / Unix based machines.
Navigate to Library Logs directory
cd ~/Library/Logs/
in there if you remember your android studio version which you used to build the last release APK. Navigate to that Directory
ex : cd AndroidStudio1.5/
In there you will find the log files. in any of the log files (idea.log)
you will find your keystore credentials
example
-Pandroid.injected.signing.store.file=/Users/myuserid/AndroidStudioProjects/keystore/keystore.jks,
-Pandroid.injected.signing.store.password=mystorepassword,
-Pandroid.injected.signing.key.alias=myandroidkey,
-Pandroid.injected.signing.key.password=mykeypassword,
I hope this helps for Android Studio users
回答8:
I feel I need to make it an answer because this could not be just in comments.
Like @ElDoRado1239 says in his answer (dont forget to upvote his answer ;)
- Looks for
..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin
in my case was in ..Project\.gradle\2.2.1\taskArtifacts\taskArtifacts.bin
because I use gradle 2.2.1
- Then look for
storePassword
like @Moxet Khan says in comments...in my case was at line signingConfig.storePassword¬í t my.forgoten.password—signingConfig.keyAlias
Hope help somebody else!!!
回答9:
For anyone else who may run across this, I wanted to share an answer that may be the case for you or for others browsing this article (like myself).
I am using Eclipse and created my keystore in it for my 1.0 release. Fast forward 3 months and I wanted to update it to 1.1. When I chose Export... in Eclipse and chose that keystore, none of my passwords that I could remember worked. Every time it said "Keystore tampered with or password incorrect." It got to a point where I was getting ready to run a brute force program on it for as long as I could stand (a week or so) to try to get it to work.
Luckily, I to sign my unsigned .apk file outside of Eclipse. Voila - it worked! My password had been correct the entire time! I'm not sure why, but signing it in Eclipse through the Export menu was reporting an error even when my password was correct.
So, if you're getting this error, here are my steps (taken from Android documentation) to help you get your apk ready for the market.
NOTE: To get unsigned apk from Eclipse: Right-click project > Android Tools > Export Unsigned Application
Sign unsigned apk file with keystore
a. open administrator cmd prompt and go to "c:\Program Files\Java\jdk1.6.0_25\bin" or whatever version of java you have (where you have copied the unsigned apk file and your keystore)
b. at cmd prompt with keystore file and unsigned apk in same directory, type this command: jarsigner -keystore mykeystorename.keystore -verbose unsigned.apk myaliasnamefromkeystore
c. it will say: "Enter Passphrase for keystore:". Enter it and press Return.
d. ===> Success looks like this:
adding: META-INF/MANIFEST.MF
...
signing: classes.dex
e. the unsigned version is overwritten in place, so your signed apk file is now at the same file name as the unsigned one
Use ZipAlign to compact the signed apk file for distribution in the market
a. open admin cmd prompt and go to "c:\AndroidSDK\tools" or wherever you installed the Android SDK
b. enter this command: zipalign -v 4 signed.apk signedaligned.apk
c. ===> Success looks like this:
Verifying alignment of signedaligned.apk (4)
50 META-INF/MANIFEST.MF (OK - compressed)
...
1047129 classes.dex (OK - compressed)
Verification succesful
d. the signed and aligned file is at signedaligned.apk (the filename you specified in the previous command)
========> READY TO SUBMIT TO MARKETPLACE
回答10:
After spending almost a day in researching the possible options for recovering the lost keystore password in Android Studio. I found the following 4 possible ways to do it:
Use AndroidKeystoreBrute to retrieve your password. This method is quite useful when you partially forgot your password means you still have some hints of your password in your mind.
You can also retrieve it through Android Studio log files if you have previously released the app(for which you finding the keystore password) with the same machine. Refer to the following directory:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio/system/log
Windows (Possible Location)
C:\Users\user_name\AndroidStudio\system\log
and search for Pandroid.injected.signing.key.password
inside the file. You gonna see the password if you have previously signed the app with the same Android Studio version in which you are looking currently.
You can also retrieve the password through .gradle directory of your project. Look for the following path
project_directory/.gradle/2.4/taskArtifacts/taskArtifacts.bin.
Note: This doesn't seem to work for newer versions of Gradle (2.10 and above).
If none of the above solutions works then you can try this one but for this one also you must have Android Studio IDE app or It's preferences in which your project keystore password have been saved earlier (Using the Remember password option at the time of signing the app). You can get the IDE preferences from the following path:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio
Windows (Possible Location)
c:\user\username\.AndroidStudio
Just use the older Android Studio IDE if you have or import the preferences of the old IDE into new IDE and also put the keystore file in the same path where it was previously when you had signed it and save the password last time.
In this way once you open the project and try the Build->Generate Signed APK and select the keystore file from the older location. It will automatically retrieve the password and continue to generate the signed APK for release.
Once the release APK generates successfully you can follow the option 2 mentioned earlier to check your password from you log file for the recently generated release APK.
回答11:
It may be bit late but it will help someone for sure
You can search password if you remember something otherwise try searching like
signingConfig.storePassword
also if you forgot key alias you can find here that also
search something like signingConfig.keyAlias
Project.gradle\3.3\taskArtifacts\taskArtifacts.bin
Hope it will help someone
回答12:
First download AndroidKeystoreBrute_v1.05.jar and then follow the given image.
prepare one wordlistfile like(wordlist.txt), in that file give your hint like
Password Hint:
users
Users
Password
password
pa55word
Password
@
*
#
$
&
1
2
123
789
U will get your password.
回答13:
Zach Klippenstein on Google+ had the same issue like you. You can follow the thread here.
回答14:
Android brute force will not work if your both the passwords are different so the best option might be like that try to find the file named as
log.idea
in your
C:/users/your named account
then you might found that in there in android folder open that file lpg.idea in notepad and then search for
alias
using find option in notepad you will find it that the password and alias and alias passwors has been shown there
回答15:
I have found the password in
C:\Users\{Username}\.AndroidStudio2.2\system\log\idea.txt
Search for
Pandroid.injected.signing.store.password
回答16:
Finally i found the solution after spending two days...
Follow these steps:
- Go to project
- In .gradle find your gradle version folder in my case it was 4.1 (Refer pic)
- expand the 4.1 folder and then in taskHistory folder you will find taskHistory.bin file.
- Open taskHistory.bin file in android studio itself.
- Search for ".storePassword" .. That's it you got your keystore password.
This really worked to me.
Try this and happy coding!!!
回答17:
Adding this as another possibility. The answer may be right under your nose -- in your app's build.gradle file if you happened to have specified a signing configuration at some point in the past:
signingConfigs {
config {
keyAlias 'My App'
keyPassword 'password'
storeFile file('/storefile/location')
storePassword 'anotherpassword'
}
}
Do you feel lucky?!
回答18:
I had the same problem at once.
Even though with App signing by Google Play, loosing keystore or it's password is not a big deal like earlier, Still as a developer we rather prefer to change it's password and use a generated keystore file without waiting for few days to google to handle it.
( To handle this issue with google use this link to make a request)
To handle this issue by ourselves,
First download two .java files from this link.
Then compile the ChangePassword.java by javac ChangePassword.java
command.
Then after you may run
java ChangePassword <oldKeystoreFileName.keystore> <newKeystoreFileName.keystore>
Change oldKeystoreFileName.keystore with the path/ name of your current keystore file, and newKeystoreFileName.keystore with path/name for the new generated new keystore file.
This will promot you to
Enter keystore password:
. Just enter whatever you prefer :) no need to be the original password that lost. Then Enter the new password with *
new keystore password:
- Voila, that's it. This won't change the checksum of your keystore and won't make any issues in app signing or uploading to play.google events.
回答19:
To summarise there are 3 answers to this question (and the solution is not given by the accepted answer):
If you have your logs intact, then you can find the password in the Android Studio log files as per Georgi Koemdzhiev's answer above.
You can retrieve the password from the 'taskArtifacts.bin' file in your .gradle directory as per ElDoRado1239's and Gueorgui Obregon's answers above. This doesn't seem to work for newer versions of Gradle (2.10 and above).
Use AndroidKeystoreBrute to guess or bruteforce your password as per Srinivas Keerthiprakasam's answer above.
All these 3 solutions are covered in-depth at this link.
回答20:
In my case I was getting the alias name wrong, even though I stored the correct password. So I thought it was the wrong password (using ionic package) so i used this command to get the alias name
keytool -list -v -keystore
And I was able to use the keystore again!
回答21:
C:\Users\admin\AndroidStudioProjects\TrumpetTVChannel2.gradle\2.14.1\taskArtifacts\taskArtifacts.bin
1st try to create new keystore....then open taskArtifacts.bin with notepad and look for password that you just given....you will able to figure out words near to password that you just given then search for these words near to your password in same file....you will able to figure out the password.....:)
回答22:
No need to use brute force a simple way is to find your plain text password.
goto:
C:\Users\<your username>\AndroidStudioProjects\WhatsAppDP\.gradle\2.2.1\taskArtifacts
Open:
taskArtifacts.bin
when you open taskArtifacts.bin might look encrypted, don't worry about that search for ".keyPassword" a couple times. Then you will find your password in plain text. It may resemble:
signingConfig.keyPassword¬í t <your password>Æù
Hope this was helpful.
回答23:
Well to look up for lost keystore password you can try this, For me the following solution worked pretty well.
find the idea log files in ~/Library/Logs/AndroidStudio2.0
. You can also locate these by opening Android Studio-> Help->Show Log in File manager.
Open the idea.log
file. Note: There may be multiple files named idea.log.1
, idea.log.2
etc. Look through each of them till you find the password.
Search for “Pandroid.injected.signing.key.password”
and you can see the key password.
Hope it helps...
回答24:
I have experienced same problem, I have tried below steps to solve the problem :-
Create sign apk with creating new keystore and new password.
Now create again sign apk by using your old keystore (keystore used at the time of previous apk build upload) but now use new keystore password.
Now definitely you will create successfully sign apk using old keystore.
- Hope this solution will help you..
回答25:
In my case I had upgraded my Android Studio from 2.3 to 3.0.1, When i trying to generate a signed apk for a new update i got "Keystore was tampered with, or password was incorrect" error. I had my previous keystore and i was absolutely sure of the password, using them I had updated the app before a couple of times. After searching a lot none of the solutions worked for me. Here is what i did.
- Opened another project.
- Imported my project using File/New/Import Project
- Once gradle was built i tried to generate a signed apk. Build/Generate signed APK
- Clicked on "Choose Existing" and provided the path to my keystore.
- typed in my key store password
- selected the key alias
- typed in my key password (In my case both key store password and key password are the same)
- Clicked next and provided path for the new Apk and checked both checkboxes.
- New APK got generated successfully.
Hope this helps anyone.
回答26:
If Nothing work try these line. Move to the path where .jks is stored. Run this command in command prompt. It will ask for password, ignore that and press enter.
keytool -list -keystore sample.jks
回答27:
SOLUTION 2018: Sign app with new keystore file if you missing password or jks file.
1) Create new keystore.jks file with comand line (not android studio build menu)
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore "C:\keystore_new.jks"
2) Generate a .pem file from new keystore
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -export -rfc -alias upload -file "C:\upload_cert.pem" -keystore "C:\keystore_new.jks"
3) Use this support form, set "keystore problem" and with attachment add .pem file:
https://support.google.com/googleplay/android-developer/contact/otherbugs
4) 12-48h you new keystore is enabled. Update your app on playstore with new apk signed with new keystore :D
回答28:
People do not always give a keystore a password, choosing to leave it blank instead. Try pressing Enter for the password, it worked for me in this scenario.
回答29:
Nothing Will work you so please do not use any methods for recovering all are of no use best option is that you have to re-submit the app with new key and unpublish the old app