Saved by the Logs: How to Recover a Forgotten Keystore Password via IDE Build Logs.

The greatest distance in the world is when the password is right in the IDE, but I can't see it

I believe many Android developers have experienced this frustrating moment: you're preparing to package a Release version, only to realize you've forgotten the Keystore password you haven't entered in ages! Although Android Studio thoughtfully provides a "Remember passwords" option and fills it in automatically, it only shows you •••••••• and refuses to reveal the plain text.

Do you really have to apply to Google to reset your Upload Key or resort to brute force?

Don't worry! As long as Android Studio still remembers the password, we can "intercept" it through Gradle.

# How It Works

When we execute Generate Signed Bundle / APK, Android Studio must "inject" the password into Gradle behind the scenes so that Gradle can perform the signing. We simply need to plant a snippet of code in build.gradle to listen for this injection and print the password to the log.

# Implementation Steps (Kotlin DSL Version)

Step 1: Plant the Interception Script

Open your app-level build.gradle.kts file and paste the following code at the very end of the file:

Kotlin

// ==========================================
// Password Interception Script (MUST DELETE AFTER USE!!!)
// ==========================================
project.afterEvaluate {
    val storePass = project.properties["android.injected.signing.store.password"]
    val keyPass = project.properties["android.injected.signing.key.password"]

    if (storePass != null || keyPass != null) {
        println("\n========== [GOT IT! Passwords are here] ==========")
        println("Store Password: $storePass")
        println("Key Password:   $keyPass")
        println("=========================================\n")
    }
}

Step 2: Trigger the Build

1. Click on the top menu in Android Studio: Build > Generate Signed Bundle / APK....
2. Follow the normal process and select your Keystore path.
3. The crucial step: Ensure that "Remember passwords" is checked (this is required for the IDE to output the passwords).
4. Click Next > Create to start the packaging process.

Step 3: Check the Log

Once the build starts, open the Build tab at the bottom and click the "Toggle view" (list icon) on the left to switch to plain text mode.

Search through the logs for the keyword: GOT IT.

You will see something like this:

Plaintext

========== [GOT IT! Passwords are here] ==========
Store Password: your_lost_password_123
Key Password:   your_lost_password_123
=========================================

Step 4: Backup and Destroy (Most Important!)

Congratulations on recovering your password!

1. Immediately record the password in 1Password or another secure location.
2. Delete the code snippet you just added to build.gradle.kts right away.
3. If this code was accidentally committed to Git, be sure to modify your Git history or treat the password as compromised.

# Conclusion

This method leverages Gradle's project.properties mechanism to directly read parameters injected by the IDE. It's safe, fast, and doesn't require installing any cracking tools. I hope this helps fellow "goldfish-brained" developers!