Recovered my dad’s old Blockchain.com wallet (14 BTC), but stuck with forgotten password – need advice

Hey everyone,

I’m both excited and frustrated right now. After weeks of digging, I found that my dad actually bought some BTC back in 2015 on Blockchain.com. The good news: I managed to recover access to the email and keystore file (not JSON, but the encrypted keystore). The bad news: nobody remembers the password.

Here’s where I’m at:

• I’ve tried some tools like btcrecover and hashcat.
• I have some password hints from my dad’s old saved browser passwords (so I’m not shooting completely in the dark).
• I know some services claim they can crack wallets, but most look sketchy and I’d rather not trust strangers with this.

My question:

• Has anyone here had success stories recovering a Blockchain.com wallet with password hints?
• Is it realistic to attempt this myself, or is it a dead end without professional help?
• If there are trusted communities or resources you recommend (guides, success stories, etc.), please point me there.

I’m not asking anyone to crack it for me — just want to know what’s actually worked for people and if there’s a sane path forward before I waste months on the wrong approach.

Thanks in advance ????

Update 1

Just wanted to share where I’m at and hopefully get some feedback: * I figured out this is a non-custodial wallet. So if I don’t get the password, there’s no recovery option from Blockchain.com.

• I went to Blockchain.com, logged in with the wallet ID, and by entering a wrong password I was able to get back the wallet.aes.json file (encrypted wallet backup).

• I have around 20 base password variations that my dad typically used. Using those, I generated about 1 million variants with the help of tools + LLMs.

• I tried those against the wallet.aes.json using btcrecover (CPU-based), but no luck so far.

My next step: I want to move this to Hashcat (GPU-based) so I can test more possibilities.

Now I’m considering a few approaches, and would love input from anyone who’s been through something similar:

• Expand the wordlist: Take my 20 known password hints and generate ~20–50 million variations (instead of just 1M) and run them in Hashcat.

• Pattern-based attack: Try to define regex-style rules or patterns in Hashcat, based on what I know about my dad’s password habits, instead of just a big flat wordlist.

Other smarter approach? Maybe I’m missing a more efficient way to combine hints + patterns so I’m not brute forcing blindly.

So my question is: what’s realistically the best way forward here? Is it worth generating massive wordlists, or should I focus on getting good rules/patterns for Hashcat?

Any tweaks, tips, or alternative methods are welcome ????