iphone encrypted backup the worst design flaw ever.

[T-Bob]

Yes as they're in iCloud they will return to the device unless you specify that you don't want them (think its auto when you sign into iCloud for most of them).

If you could turn off encryption without the same password used to turn it on, that would make it more complicated. As you'd now need two passwords, one to decrypt and the other to then turn it off. If you could turn off encryption without the encryption password (your private key) that would mean the files would be unreadable and only future files would be unencrypted. The current solution is one password for both, which is the only sane way to do it, unless you don't mind the second scenario.

The only thing Apple could have done to make it easier to recover iTunes backups is allow the key to be stored in iCloud as it does in FileVault, anything else would be a security risk, and there may be a good reason why FileVault is more suitable to be recovered in this way that I'm overlooking as well.

 

[KeanosMagicHat]

Yes as they're in iCloud they will return to the device unless you specify that you don't want them (think its auto when you sign into iCloud for most of them).

If you could turn off encryption without the same password used to turn it on, that would make it more complicated . . .

OK well I'll probably try the iCloud backup as a last resort - although I am concerned I may have too much data to backup within the 5GB limit.

Before that though I'm trying to hack into it by trying every password I can think of - 38 different passwords (each with at least 4 format combinations) so far and no joy yet.

Referring to the second point, if Apple chose to allow you to switch off Encrypted Backups using your AppleID password, it will still retain security and it's far more memorable given that it's imprinted with usage.

Anyway, thank you very much for your replies.

To anyone else discovering this thread in the future having found themselves in the same situation, I feel your pain . . . .

 

[PPFee]

So quite a few things have changed since the OP but clearly Apple agreed with OP, and some of the points argued as to why there was no other option were pretty silly. OP did have a point, they should have always tied the encryption password to either the computer password, or the phone lock code or ideally tie it to iCloud accounts as done now. He wasn't asking to use the old backups, and suggestions that new unencrypted backups "give people access to your data" is ludicrous, you're still not able to restore a phone to that backup and just use all their accounts without authenticating their iCloud passwords and all.

Anyhow, iOS 11 has modernized the process and made iCloud less inferior to local backups.

 

[Danzobee]

A lot of people don't understand encryption then. it's not a design flaw. That's how it's meant to work. There's no problem here. Just don't forget your encryption password. It's as simple as that. This is like forgetting the combination to your safe and getting pissed at the company that makes the safe because you forgot your combination and can't get it in.

He’s just saying there should be some warning that the passcode, if forgotten, is irretrievable. At least I think that’s what he’s saying.

 

[Schmactor]

So quite a few things have changed since the OP but clearly Apple agreed with OP, and some of the points argued as to why there was no other option were pretty silly. OP did have a point, they should have always tied the encryption password to either the computer password, or the phone lock code or ideally tie it to iCloud accounts as done now. He wasn't asking to use the old backups, and suggestions that new unencrypted backups "give people access to your data" is ludicrous, you're still not able to restore a phone to that backup and just use all their accounts without authenticating their iCloud passwords and all.

Anyhow, iOS 11 has modernized the process and made iCloud less inferior to local backups.

Yes, thank you!

 

[PPFee]

Yes as they're in iCloud they will return to the device unless you specify that you don't want them (think its auto when you sign into iCloud for most of them).

If you could turn off encryption without the same password used to turn it on, that would make it more complicated. As you'd now need two passwords, one to decrypt and the other to then turn it off. If you could turn off encryption without the encryption password (your private key) that would mean the files would be unreadable and only future files would be unencrypted. The current solution is one password for both, which is the only sane way to do it, unless you don't mind the second scenario.

The only thing Apple could have done to make it easier to recover iTunes backups is allow the key to be stored in iCloud as it does in FileVault, anything else would be a security risk, and there may be a good reason why FileVault is more suitable to be recovered in this way that I'm overlooking as well.

That’s all he asked for though, he said go ahead and render the previous backups useless and just let me go ahead and make future backups still either unencrypted or with a new encryption password without having to factory reset the device. Given that he still has full access to the device and ability to authenticate himself as owner etc./has admin privileges, and likewise can be said of the computer itself, there’s little reason to not be able to just lose access to the affected backups instead of the ability to backup entirely.

I don’t think that’s unreasonable all things considered, and he was torn apart for all the reasons it was a completely ludicrous suggestion, as per usual for the internet I guess
[doublepost=1510089665][/doublepost]

OK well I'll probably try the iCloud backup as a last resort - although I am concerned I may have too much data to backup within the 5GB limit.

Before that though I'm trying to hack into it by trying every password I can think of - 38 different passwords (each with at least 4 format combinations) so far and no joy yet.

Referring to the second point, if Apple chose to allow you to switch off Encrypted Backups using your AppleID password, it will still retain security and it's far more memorable given that it's imprinted with usage.

Anyway, thank you very much for your replies.

To anyone else discovering this thread in the future having found themselves in the same situation, I feel your pain . . . .

I assume you’ve already either given up or finished this, but if not since this was apparently a common problem there’s actually an application for Mac and pc that attempts to brute force your backup password, it may take all night long but for most people who’ve tried it/for most passwords, it’s just a matter of time, and importantly with this type of software, it’s not loaded with any sort of malware

Edit: found it. It’s called iseePassword https://www.****************/itunes-password-recovery.html

 

[R_9]

Edit: found it. It’s called iseePassword https://www.****************/itunes-password-recovery.html

It is a big scam. The software can not find any password. I have bought it, run it for weeks and nothing. Then I have made a new encrypted backup with 3 simple letters. And no result was found. Trying to contact the support team, no answer. Then after more emails they have answered that a refound can be made but they are from China and there will be a big damage of tax and development cost, supporting cost, and only half refund.
Until now I have called several times Apple support with no solution. I will keep searching for a solution to find out at least the first letters of the password using a trusted third party

 

[jetsam]

It is a big scam. The software can not find any password. I have bought it, run it for weeks and nothing. Then I have made a new encrypted backup with 3 simple letters. And no result was found. Trying to contact the support team, no answer. Then after more emails they have answered that a refound can be made but they are from China and there will be a big damage of tax and development cost, supporting cost, and only half refund.
Until now I have called several times Apple support with no solution. I will keep searching for a solution to find out at least the first letters of the password using a trusted third party

I have the MyWot addon on Firefox, and this is what I saw when I went to that site:

 

[KeanosMagicHat]

Hallelujah !!!!

To those that have forgotten their backup password and have devices that can handle iOS 11, there is now a solution.

Erase All Settings now also deletes the on device backup password. It’s still a slight pain as you have to then manually access pretty much every single setting and revert them back to your preferences, but it works.

Apple’s short process guide is here;

https://support.apple.com/en-us/HT205220

Before this, I’d been stuck on iOS 10.3.2 for the first time as an iPhone owner hoping for a jailbreak (which I don’t normally recommend for security reasons) in order to hack the keychain file and recover my password.

For those with devices that don’t accept iOS 11, this is still the only viable option.

(Apple’s official position is that you’re screwed and lose everything on your phone).

Link on the process here;

https://www.reddit.com/r/jailbreak/...but_forgot_which_row/?st=JAIZSE3U&sh=4cd04365

I still think it’s ridiculous that Apple don’t just use the Apple ID for encrypted backups. If it’s considered secure enough for Apple Pay, it should be fine for use with backups.

Anyway, hope this helps a few people. I’m now secure on the latest iOS with unencrypted backups.