Recovery story . Tokyo

A locked MacBook, a Bitcoin fortune, and a trip to Tokyo

Some cases can’t be done by email. This one came with a plane ticket to Japan, a client who couldn’t get into his own laptop, and a wallet worth a fortune sitting just out of reach.

Updated July 2026 · KeychainX — Wallet Recovery since 2017

Most of our work happens remotely — a file arrives, we work it, funds come back. But occasionally a case is sensitive enough, or valuable enough, that the client wants us there in person. This is one of those. Details are altered to protect the client, but the shape of it is exactly how it went.

The call

The request came through an intermediary: a client in Tokyo held a substantial Bitcoin position on a MacBook, and he could no longer log in. The password he was certain of no longer worked, and everything — the wallet, the keys, the access — lived behind that login. He didn’t want the machine shipped anywhere and he didn’t want the data leaving the room. Would we come to Tokyo? We would.

Tokyo

A driver met us at the airport with a sign, and we were taken to an apartment high in a tower with the radio tower framed in the window. The setup was deliberate: a controlled environment, the machine never out of the client’s sight, and a hard 48-hour window before the return flight. The client’s brief was simple — open his own laptop so he could reach his own coins — and the constraints were strict, which is exactly how a serious recovery should be handled.

The problem

A modern Mac is genuinely hard to get into without the login password, and that’s by design — full-disk encryption tied to the hardware means the wallet file can’t simply be pulled off the drive and read. So this wasn’t a case of copying a file and cracking it elsewhere; the access problem was the wallet problem. The one thing working in our favour was that the client remembered fragments of the password — a structure, a few components — even if the exact combination escaped him.

The approach

We won’t detail the method, for obvious reasons, but the principle is the same as every case we take: turn the client’s partial memory into a structured search rather than blind guessing, and run it patiently against the target. That’s the unglamorous truth of recovery — it is far more about building the right candidate space from real hints than about any single dramatic trick. We worked it in shifts, the machine never leaving the room, while Tokyo went about its evening below.

The outcome

Inside the window, the right combination landed. The login opened, the wallet was reachable, and the client moved his own Bitcoin to a fresh wallet under his control while we watched him do it — we never touched the funds. The fee was a percentage of the recovered value, owed only because it worked. We were on a plane to the next client before the city woke up.

Why some recoveries are done in person

Most cases don’t need a plane ticket — a file, a set of hints, and remote work solve the large majority. But for the highest-value or most sensitive cases, on-site work exists for a reason: the machine never leaves the client’s sight, the data never touches the internet, and every step happens in front of the person whose coins are at stake. That’s not theatre; it’s how you remove the trust problem entirely. When someone is worried about handing over a device that holds a fortune, the answer isn’t “trust us” — it’s “watch us.”

Crypto on a locked, encrypted computer

Modern computers encrypt the whole disk and tie it to the hardware, so a wallet file can’t simply be lifted off the drive and cracked elsewhere — the login and the wallet become the same problem. That sounds like a wall, and for an attacker it largely is. For the legitimate owner who remembers something about their password, it’s a search problem instead: reproduce the login from real hints rather than guessing blindly. If your crypto is stuck behind a forgotten computer password, don’t assume the encryption makes it hopeless — being the rightful owner with partial memory changes everything.

Choosing a recovery service you can trust

A case like this is also a lesson in what a legitimate recovery looks like. We never asked for money upfront; the fee was a percentage owed only on success. We never took custody of the coins — the client moved them himself. And we adapted the process to protect him, working where he could watch. Compare that to the scam pattern: someone who contacts you first, guarantees results, demands an upfront payment, or asks you to enter your seed somewhere. If a “recovery service” does any of those, walk away. The real ones make their money by actually opening wallets, not by taking your fee and vanishing.

What you can take from it

Two things. First, a wallet on a locked, encrypted computer isn’t automatically lost — if it’s your own machine and you remember something real about the password, access is often recoverable. Second, the more sensitive the case, the more the process should protect you: work done in front of you, data that never leaves your control, and no custody of your coins at any point. If your funds are trapped behind a forgotten computer login rather than a wallet password, that’s still a recovery problem — and often a solvable one.

Frequently asked questions

My crypto is on a laptop I’m locked out of — is it recoverable?

Short answer: Yes. Often, if it’s your own machine and you remember something about the password. The login and the wallet are the same problem on an encrypted computer, and a hint-driven search can solve it.

Do I have to ship my computer to you?

Not necessarily. For sensitive or high-value cases we can work on-site so the machine and data never leave your control. Remote work is also possible depending on the case.

Do you ever take custody of the coins?

No. When access is restored, you move the funds yourself to a wallet you control. We never hold your crypto.

How much does this kind of recovery cost?

Success-based: a percentage of the recovered value only if we restore access, and nothing upfront.

Locked out of a computer with crypto on it?

Tell us the device and what you remember of the password. We’ll assess it honestly within 24 hours, and you pay only on success.

Contact KeychainX →