Guide . MetaMask

MetaMask vault and seed recovery

If MetaMask won’t accept your password but your browser profile is intact, your wallet is usually recoverable — the encrypted vault is still there, waiting to be unlocked.

Updated July 2026 · KeychainX — Wallet Recovery since 2017

A note on safety. KeychainX never asks you to type your MetaMask password or Secret Recovery Phrase into any website or form. This guide explains how recovery of your own wallet works.

MetaMask has two very different secrets, and knowing which one you’ve lost tells you whether you’re in an easy situation or a hard one. There’s your password (which unlocks the extension on this device) and your Secret Recovery Phrase — the 12-word seed that actually controls your funds. The good news: even if you’ve forgotten the password and never saved the seed, the wallet is often still recoverable.

The vault vs. the seed

When you set up MetaMask, it takes your seed phrase, encrypts it with your password, and stores the result — the vault — locally in the browser extension’s storage. Your password is never saved; it only decrypts the vault. So two paths exist: if you have the seed, you can reinstall MetaMask anywhere and restore. If you’ve lost the seed but still have the vault (your browser profile is intact) and just forgot the password, we can recover the password from the vault — and the seed comes out with it.

Where the vault lives on your drive

The vault sits in the extension’s local storage — a small database inside your Chrome, Brave, Edge or Firefox profile folder, under MetaMask’s extension ID. It survives as long as you haven’t deleted the browser profile or uninstalled the extension without keeping the profile. This is why the golden rule after a lockout is: don’t uninstall MetaMask and don’t wipe the browser profile. If the vault is gone and you have no seed, there is nothing left to recover.

Recovering a forgotten password

Recovering the password is a search, done entirely offline. We extract the encrypted vault blob from your browser profile and test password candidates against it — MetaMask uses PBKDF2 key-stretching and AES-GCM encryption (hashcat mode 26600), with a MAC that confirms the instant a guess is correct. We build those candidates from what you remember: length, fragments, passwords you reused elsewhere, the year you created the wallet. The moment one decrypts the vault, both your password and your seed are recovered. Nothing is entered on any live site. Because MetaMask’s key-stretching is deliberately slow, each guess is costly — which is exactly why a good hint about the password is worth far more than raw computing power, and why the more you can tell us about how you formed it, the better the odds.

If you have the seed but a broken install

Sometimes the wallet itself misbehaves — it won’t open, freezes, or shows a zero balance after an update. If you have your 12-word Secret Recovery Phrase, the cleanest fix is a fresh MetaMask install and a restore from the phrase. If the restored wallet shows the wrong or empty account, that’s usually a derivation or account-index issue rather than lost funds, and it can be resolved by checking the correct account path.

The Trezor-in-MetaMask hidden-wallet gotcha

One trap catches people who pair a Trezor with MetaMask and use a passphrase (hidden wallet). If you later connect the Trezor to a different MetaMask, or forget the exact passphrase, the hidden wallet appears to “vanish” — the funds are fine on-chain, but you’re looking at the wrong derived wallet. Always confirm your Trezor passphrase and account before moving significant funds. If the passphrase itself is lost, that becomes a passphrase-recovery case, which we handle.

Recovering the vault from a backup or another machine

If the browser you used is gone but you kept a backup, the vault may still be reachable. It lives inside the browser profile, so a full profile backup, a synced-but-encrypted copy, or an old machine that still has the extension installed can all hold a usable vault. Even a corrupted browser profile can sometimes be salvaged forensically. Before you conclude a MetaMask wallet is lost, check every device and backup where that browser ever ran — a single surviving copy of the vault, plus a password hint, is enough to recover everything. If you find the profile but can’t locate the vault data inside it, that extraction is part of what we do.

What we can’t do

If the vault is gone (browser profile deleted, extension removed without the profile) and you have no seed phrase, there is nothing left to decrypt — no one can recover it. If you only have a public address, that’s not recoverable either. And be wary of any “MetaMask recovery tool” that asks you to enter your seed or password into a website; that’s how wallets get drained. We work only from your own encrypted vault, offline, and never ask for payment upfront.

Frequently asked questions

I forgot my MetaMask password but not the seed — what do I do?

Reinstall MetaMask and restore from your 12-word Secret Recovery Phrase, then set a new password. Your funds come from the seed, not the password.

I forgot the password AND lost the seed — is it hopeless?

Not if your browser profile still has the MetaMask vault. We can recover the password from the vault offline, and your seed comes out with it. Don’t uninstall the extension or wipe the profile.

Where is my MetaMask vault stored?

In the extension’s local storage inside your browser profile (Chrome, Brave, Edge or Firefox), under MetaMask’s extension ID. It’s what we work from to recover a forgotten password.

My Trezor hidden wallet disappeared in MetaMask — are my coins gone?

Usually not. Connecting the Trezor to a different MetaMask or using the wrong passphrase shows a different derived wallet. Your funds are on-chain; confirm the correct passphrase and account.

How much does MetaMask recovery cost?

Success-based: a percentage of the recovered value only if we open the wallet, and nothing upfront.

Locked out of MetaMask?

If your browser still has the wallet, don’t uninstall it. Tell us what you remember of the password and we’ll assess it within 24 hours, success-based fee.

Contact KeychainX →