Frequently Asked Questions

All your Questions answered in one place

Some of your Questions:

Q. Who are you? provides a professional service that attempts to recover your passwords (hashes like MD5, NTLM, Wordpress etc), WPA dumps (handshakes), Microsoft Office encrypted files, Archives (Zip, Rar, 7zip) and encrypted Apple iTunes Backup files, obtained in a legal way (pentest, audit, lost password,..).

/!\ We are NOT a hacking website, we do NOT hack/crack websites, and we assume all submitted hashes are for testing purposes or obtained in a legal way (pentest/audit for example).

By using our service you agree that you are not violating any laws or regulations on copyright or privacy issues that exist in your country.

Q. What kind of password?

Full detailed list here.
If you have other algorithms (Unix, salted, etc) you can contact us directly.
How does the service work? Follow the steps here

Q. How do you do that?

Our distributed cracking system use several mechanisms: pre-calculated tables, GPU computations, huge private and public wordlists, brute-force, hybrid attacks, etc, for password recovery. Benefits:

  • Fast (Min: few seconds / Max: 5 days)
  • An option to speed it up if your are in a hurry
  • Many algorithms supported (more than 20)
  • "On demand" service: contact us with your large hash file / special algorithm / whatever , we may help you.
  • Free or low cost: See our pricing policy
  • Direct email support, with real humans!
Moreover, weak passwords are easy to recover. You can check how secure is your password and how fast it could be cracked.

Q. Can you guarantee to recover my password?

No, a strong password having numbers, special characters and/or long length might not be recovered.
Fortunately we recover a large majority of passwords.

Q. Is it free?

It depends on the password complexity: all you need to know is here: pricing policy.

Q. What does "Not found" and "In progress" mean?

Three states are possible:
Status Description
"Found" Great! We successfully recover your password :) We sent you an email, please check your inbox or spam folder.
"Not found" We cannot recover it, the password may be too complex, and is not in our wordlists. However if you have any hints about it (length / charset / keyboard used / algorithm / ...) you can contact us, we can check again.
"In Progress" We are currently working on the task. At this state nobody on earth knows if the crack will be successful or not: no need to contact us, just wait you'll receive an email if recovered.

Q. How can I pay if I need to?

If you need to pay for a hash (MD5, NTLM, ..):

  • Click on "Buy now" button
  • Choose the service that suits you best among the list
  • You are securely redirected to the choosen partner website: we don't handle payments as this is not our job, we rely and trust on our partners
  • Our partner inform us about your payment, then your password is immediately displayed to you, no human action required!

If you need to pay for a specific wordlist/bruteforce option (WPA, Office, Archives, iTunes files):

  • In your dashboard, click the "Select wordlist" button on the line where you want to run the specific wordlist against
  • Choose the wordlist or bruteforce option that suits you best, see details of our wordlists here
  • Once selected, click on "Upgrade" button to validate your choice
  • Choose the payment service that suits you best among the list
  • You are securely redirected to the choosen partner website: we don't handle payments as this is not our job, we rely and trust on our partners
  • Our partner inform us about your payment, then the new wordlist/bruteforce option is taken into account immediately, no human action required!

If you need to pay, we acccept:

  • Credit/Debit card
  • Bitcoin, Ethereum, Litecoin
  • Paypal: No. (actually they do not support password recovery service business)
  • Paysafecard: No.

Q. Are you guys a scam?!

Instead of a long speech, take a few seconds to consider the evidences that we are not a scam:
- Several customers testimonials
- You can test our services for free!

Q. Who would use your services?

- People who has forgotten their password (e.g: Windows or OSX account passwords)
- IT security experts, penetration testers, etc.
- IT security enthusiasts.

Q. Guarantee

We double check each password before sending you an email, thus we are 100% confident that the password is correct.
However, for any reason, if you are not satisfied with the service, contact us and we will check again with you.

Q. How long will a crack take?

Min: few seconds / Max: 5 days.

You are in a hurry? [For Hashes only]
You can speed up the recovery process of your task. Click on the 'clock' icon and follow the instructions.
We then put your task at the highest priority level of our tasklist. Your recovery task will be immediately on the top priority.

How does the service work? Follow the steps here.

Q. Why choose you?

We have the experience and resources required to recover your hashes.
Here are several customers testimonials.

Q. How do I retrieve/extract a hash?

Depending of your system, please read our "how to" tutorials on the menu.

Q. How will I know when you recover it?

As soon as your password is recovered, we send you an email with the link to get the password.
You just have to wait while we work for you ;-)

Q. What does "HEX[xxxxxx]" mean?

It's the hexadecimal encoded representation of your password. Why? Because your password contains non-ascii and/or non-printable character, that's why we surrounded it by "HEX[]".
Copy the hexadecimal string into a hexa-to-ascii converter (google can help you). Or look at this table
Such unicode characters can be written with a keyboard with this manipulation.

Q. Refund policy

We double-check each password to ensure it's the good one and there in not any error. But if you have any problem with your order and you think it's wrong, contact us, we can obviously check again to solve the problem or, in extreme cases, refund you within three business days. Please don't forget first to read the guide to check our result.

Q. Payment Decline

We are aware of the difficulties for USA and Canada customers when tring to pay via Credit/Debit Card.
Our Credit/Debit Card Payment Processor Partner does not allow USA/Canada customers to pay for our work. Two solutions: use cryptocurrencies or contact us to go through another payment partner.
Paysafecard is not supported.

Q. Confidentiality

We delete uploaded WPA capture files once the process (successful or not) is finished. We do not keep any log or any file related to your upload.
For hashes (LM, NTLM, MD5,...) we just keep the hash, the password, and your email in order to notice you when the task is done.
You can permanently delete these information from our databases: just contact us.

Q. Are payments fast?

Regarding to cryptocurrencies it's a question of Transaction Fee. Every single cryptocurrency transfer must include a fee, which is required to ensure your transaction is confirmed by the Network.
Higher Fees mean faster transactions, thus faster processing. More information about fees.
Currently, the mean time to process your crypto transaction is -6 minutes.

Regarding to Credit/Debit Card payments, these are instant. Well, it takes less than 2 minutes to be confirmed and processed.

Q. Any useful API there?

Still in beta mode, you can use our API to send your WPA capture dump(s) MS Office documents, PDF, Archives and iTunes.
Integrated in wlancap2wpasec tool for WPA. More tools to come.

Q. Bug Bounty

Bug bounty program: individuals can receive recognition and compensation for reporting us important vulnerabilities that can put our data, users or databases at risk (e.g: SQLi, RCE, LFI, etc.) which are exploitable.