How to Recover Saved Passwords in Apple Safari Browser
This research article exposes the password secrets of Apple Safari browser including where all your website passwords are stored, how it is stored and how to recover it automatically.
Safari Browser Password Secrets
Safari browser saves all your website login passwords in file called “keychain.plist” at following location
[Windows Vista/7/8/10] C:\Users\[user_name]\AppData\Roaming\Apple Computer\Preferences\keychain.plist [Windows XP/2003] C:\Documents and Settings\[user_name]\Application Data\Apple Computer\Preferences\keychain.plist
Safari browser stores this “keychain.plist” file using Property List format. Upon conversion, you will get original file in XML format.
Here is the one of the site login entry from this XML file,
<dict>
<key>Account</key>
<string>xenuser</string>
<key>Data</key>
<data>
AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAASYKymQaC1EK4WHRr83bF
PgAAAAACAAAAAAAQZgAAAAEAACAAAACVNIT8v7HufW2NgYLPt7hI
R7DbIz0wXI7eWbHrK6SlUwAAAAAOgAAAAAIAACAAAADNAk196AHY
aK/OAwC8+gScOyrMwVyI3NhAAAAAns/zd6fLldu7n/RZ9iksCnN/
pBiVyaDAUIyQnuPmA8F/Lp1sgRlg91ehbrDloeAU3pJuGQpC7TNl
QAa/MTFE8A==
</data>
<key>Description</key>
<string>Web form password</string>
<key>Label</key>
<string>www.google.com (xenuser)</string>
<key>Server</key>
<string>www.google.com</string>
</dict>
Here website, username & encrypted passwords stored in values Server, Account, Data respectively.
Safari browser encrypts the password using Windows DPAPI (Data Protection API) functions. Finally encrypted password is converted to Base64 format and stored in in above mentioned file.
How to Decrypt Safari Browser Passwords
Safari uses Windows DPAPI function, CryptProtectData to encrypt the website password using the static salt data. We can decrypt this password using the function called CryptUnprotectData.
Here is the sample C++ program to decrypt the website password.
void DecryptPassword(char *passData, int passLen, char *password, int length, BYTE *salt, DWORD saltLength)
{
DATA_BLOB DataPassword;
DATA_BLOB DataOutput;
DATA_BLOB OptionalEntropy;
DataPassword.cbData = passLen;
DataPassword.pbData = (BYTE *) passData;
OptionalEntropy.pbData = (unsigned char*) salt;
OptionalEntropy.cbData = saltLength;
if (CryptUnprotectData(&DataIn, 0, &OptionalEntropy, NULL, NULL, 0, &DataOut) == FALSE)
{
printf("CryptUnprotectData failed with error 0x%.8x", GetLastError());
return;
}
memcpy(password, DataOutput.pbData, DataOutput.cbData);
password[DataOutput.cbData] = 0;
printf("Successfully Decrypted Password is %s ", password);
}
How to Recover Safari Browser Passwords Automatically
Here is simple way to recover all the Safari website passwords without worrying about where it is stored and how to decrypt it.
You can use our XenArmor Browser Password Recovery Pro software to instantly & easily recover all your saved website login passwords from Safari browser as shown in video below,
Here are the simple steps to recover all your saved passwords,
- Step 1: Download & Install Browser Password Pro from here
- Step 2: Next launch the software on your computer
- Step 3: It will automatically discover, decrypt and display all the saved Apple Safari passwords as shown below
For more details, please refer to Online User Guide
Hope this article has helped you to understand the password secrets of Apple Safari browser.
Let us know what do you think. Please comment below if you have any queries or suggestions.
Recommended Posts
How to Recover Remote Desktop Password from UltraVNC
November 16, 2019
How to Recover Remote Desktop Password from RealVNC
November 16, 2019