Encrypt Backup Password Problem

Switched from iphone 4s to 5s. Backed up my 4s, before buying it from the electronic store. Went straight home after I picked up the 5s, plugged it in to my pc and when the password prompt came up, I entered every possible password I am currently using or have used in the recent pass. None worked!

I did have an exchange account on my 4s, and when I called my employer IT, they basically said they do not encrypt backups and don't know anything about encrypted backups on iTune.

Between my work pc and apple log in, I have changed my password about 10 times since I have had my phone. In fact, my work requires that we change passwords at least every 90 days. I've been there over 3 years (with an iphone). Do the math.

I don't write down my old passwords. I never thought I would need them in a circumstance such as this bc I make a practice of doing full (non-encrypted) backups on my pc and I have no algorithm to remember them.

I tried to do a password crack and the system runs for 1/2 hour, then tells me that it could not come up with the password (or anything resembling). I feel it is not necessary to purchase full packages of these cracking softwares and this has been confirmed on this thread.

Every time I think of the kids baby pictures I want to cry. Every time I try to log into something that I have no idea what the username/password is, I want to cry. I did in fact cry last night when I got on the phone with Apple (ONE MORE TIME) and the first agents patched me onto an "Advanced Manager Agent" and it took half hour for the guy to even understand what I was talking about. I'm pretty sure English was his first language.

I'm going home tonight to try some new suggestions from this thread. But I basically have no hope anymore.

We may say it's not Apple and Apple may not want to take responsibility for this, but they are responsible.

The person on the phone with me last night asked 7 different questions, just to verify who I was. Some of those questions cannot be known by one single hacker - (Since encrypted backups are for my security). Why don't they have something set up for a recovery?

Or why don't they have a recovery of all encrypted backups, whether by me or by an exchange account from my employer. MAKE them enter a password or a contact where to obtain the password, regardless if the phone is a personal phone or a company issued phone.

If it's a personal phone, why aren't I prompted when it is being encrypted or have a double prompt to ask whether I actually want my backup encrypted with a password.

There are so many ways to avoid this madness that obviously so many people are dealing with. These are very expensive devices and at times services - we are entitled to topnotch service and not have to deal with something so F*! basic.

These people are supposed to be at the top of their games. Where?! How?!

Feeling completely screwed!

Apple has no way of knowing your backup password, that's why they can't help you. It is yours, and exists only on your computer. And you created it. You were prompted the first time you made a backup with encryption checked. If Apple knew your password there would be worldwide clamor about how Apple was spying on you, or providing your personal information to the NSA or GCHQ.

The only product that MIGHT be able to help you is from elcomsoft, a company that makes encryption products for government and law enforcement. Their trial version will give you the first 2 characters of your password. There are no other legitimate password crackers around; the ones that advertise are little better than frauds.

You can speed up the process of trying passwords by unchecking "encrypt backup" in iTunes. You get unlimited tries. So think of what you might have used a year or two ago. Including your work domain passwords back then. Your employer may have inadvertently set the requirement, because it is the default for Exchange accounts.

MadUser12

I posted this earlier -- I had the same problem and did this and it worked!

I was upgrading my iPhone's iOS, and the upgrade created a backup, but it was encrypted and I never set it to encrypt. I usually use the same "set" of passwords and numbers. I followed the suggestion to use Elcomsoft Phone Password Breaker, and finally recovered the password.

• Downloaded EPPB and I ran it in trial mode (just continue without entering an activation code)
• Put all of my normal passwords in a text file
• Added that text file as a dictionary in EPPB by clicking the green plus, then the other green plus and finding the TXT file I created. I also chose to use maximal mutations for my text document (it capitalizes and combines words from the dictionary to try out variations of the passwords I gave it)
• WITHIN SECONDS!!! it told me the first two characters of the password, and showed 8 asterisks (so the total password length was 10 characters). I knew from those first 2 characters what the password was!
• Elcomsoft offered to show me the complete password if I bought a full license (~$80)
• Restore completed successfully.

Lawrence Finch, you seem to be a pretty good source of information on this thread, so for the sake of not being combative, I will try that software AGAIN, even though currently it has not even been able to locate the backups on my pc so far.

That said, my point is made in that if there is a software that can "crack the code", Apple can certainly come up with a way to help me retrieve it or change it or obtain it (whatever you want to go with).....If the issue is an exchange, can I get a prompt that it is being encrypted? or whatever!!

I know you believe there is one answer to this: One enters password, One forgets and One is screwed because One cannot remember their own password, but I see many people have disagreed with you and a few people on here have debunk this theory.

Here are my challenges:

Say it's the Exchange Account:

I backup on September 15 - It is encrypted.

I backup on October 15 - It is not encrypted

I backup on November 15 - It is encrypted

Why the gap? Why not encrypt it every time? Apple couldn't answer that question either.

Say it's the being encrypted since an older previous backup was encrypted and I just forgot password:

I backup on September 15 (hypothetically with password) - It is encrypted.

I backup on October 15 (hypothetically with same setting from 9/15) - It is not encrypted

I backup on November 15 - (hypothetically with same setting from 9/15) It is encrypted

And please don't say I removed the password on October 15, bc my argument is that I never encrypted to begin with.

Please note that November 16-present, I tried to back up and restore my phone. I tried with a password at first - the back up becomes encrypted

- Tried it without a password - the backup is not encrypted that night - the next day it becomes encrypted.

Please also note that there are no exchange accounts on my phone, I'm working with blank phone, trying to see where I may have gone wrong.

So you see my problem? the whole thing becomes so convoluted that I loose track and become confused, and so is Apple when they remote access into my pc and see it for themselves.

You are welcome to try to give me a real practiced solution as to exactly why this is occuring for me and others, but I beg you to not stick to the same old argument. This is obviously being met by challenges - to you and Apple (Maybe both and the same???)

:-/

MadUser12 wrote:

That said, my point is made in that if there is a software that can "crack the code", Apple can certainly come up with a way to help me retrieve it or change it or obtain it (whatever you want to go with).....If the issue is an exchange, can I get a prompt that it is being encrypted? or whatever!!

Please read the elcomsoft FAQ: http://elcomsoft.com/phone_password_recovery.html

You will note that it is not guaranteed to succeed, And that if you have chosen a good password it may take several lifetimes to break the encryption. If you give it a list of passwords that you have used in the past it gives it a better chance, as it can analyze the pattern of those passwords. But they are clear that they cannot always succeed. All it does is try every possible combination of letters, numbers, and punctuation, starting with your word list, then dictionary words, dictionary words with simple substitutions like numbers for vowels, then random combinations. If it gets as far as random combinations it will probably fail. It is a brute force approach; it is not using any shortcuts or "back door" access.

You DID get a prompt that it was encrypted, and you were prompted for the password the first time. You may not remember, as we all frequently get prompts for our passwords, but the only way a password gets chosen is if you enter it twice. iTunes does not make up passwords, as you will see from the message thread from people who figured out their passwords.

MadUser12 wrote:

I know you believe there is one answer to this: One enters password, One forgets and One is screwed because One cannot remember their own password, but I see many people have disagreed with you and a few people on here have debunk this theory.

Here are my challenges:

Say it's the Exchange Account:

I backup on September 15 - It is encrypted.

I backup on October 15 - It is not encrypted

I backup on November 15 - It is encrypted

Why the gap? Why not encrypt it every time? Apple couldn't answer that question either.

Say it's the being encrypted since an older previous backup was encrypted and I just forgot password:

I backup on September 15 (hypothetically with password) - It is encrypted.

I backup on October 15 (hypothetically with same setting from 9/15) - It is not encrypted

I backup on November 15 - (hypothetically with same setting from 9/15) It is encrypted

Well, a couple of questions. Do you back up more than one device (could the unencrypted backup be a different device)? Is "Encrypt backup" checked in iTunes? Have you tried rebooting your computer, as a couple of users have reported that they believe that they got the encrypted backup prompt in error, and it went away after rebooting?

The point is that many people in this thread have finally been able to restore their encrypted backup by trying enough passwords. And in every case where they succeeded it was a password that they had used in the past. Several are convinced, for example, that it is their Apple ID password, but all lower case, and sometimes an older Apple ID password. This is not that unlikely, because if iTunes prompts for a password that is probably the first thing you would think of.

I for one am happy that Apple uses strong encryption to protect my data from everyone except possibly the NSA.

BlondieBCareyand Lawrence Finch

As promised, I tried the Elcom Soft again and it worked this time.

Somehow it was my current/previous phone password - backwards. I have no idea how that happened. Maybe I had it like this at some point, IDK.

Elcom ran the attack, and then the window popped up that no passwords could be found. I clicked around the window, per Blondie's instructions, on a green button with a plus sign on it, then again on a blue floppy disc icon - Nothing happened on that window.

Well, I'm not sure which one generated them, but at some point when I returned to my desktop there were 3 files which had not been previously there. I clicked on the first two and they made no since, I then clicked on the last one, then opened it in the notepad.

I could barely make out what was on there. In itself, the document looked like an encryption - all jumbled up. I did a search on the document for any words, numbers or dates and found nothing. I then browsed the document page by page and section by section - I was finding several characters which are kind of placed next to each other but separated by spaces then by commas or semi-colons, which made no sense, as none of my passwords have ever had punctuation marks.

One in particular, had 4 Ys and it was separated by a semi-colon with two random letters next to it. I assumed ys stood for year then knowing my password now, I tried to do the restore again, with my password backward, with no hope it was actually going to work.

Well, usually flashing once then rejecting my previous password attempts, the green flash went once, twice then three times - then the window indicated that the phone was being restored. I thought I was imagining it bc how could it be my password backwards. Didn’t care bc it was working.

I even sat motionless almost expecting for it not to finish the backup, but it did.

I urge people to not give up and tap into their tenacity when it comes to this because I have been dealing with this for over two weeks now. I also urge that you try this method, if you are dealing with an iPhone restore backup problem - don't know about iPads, but won't hurt to try.

Lawrence FinchI am certainly grateful that Apple is trying to protect my information however, I still say that there is something that they can come up with that would allow me recover my restore. ****, they just made a phone that can let me unlock it with my thumbprint - You know what I mean?

As naturalized immigrant, I was only a child when I was handed a set of identifying numbers to my name. I knew then I could be tracked down by my government...So please don't get so hung up on the NSA stuff, they know much more than you think. For the most part, Apple and other sources are used to collect evidence in case they have to go to court or show up before a board.

Don't get me wrong, that doesn't mean I want my information out there for some hacker to use or sell off to do God knows what with. But let's face it; this is a topic for another time.

Either way, I would like to thank both you and BlondieBCarey, for your guidance with this.

(Restore Recovered) = HappyUser

Had this same problem when setting up my sister's iPhone. We went through ALL her passwords and it turned out to be her first AppleID password from 6 years ago.

This is pretty ridiculous. She never set up any encrypted backup and her mistake was probably backing-up via iCloud once.

Sorry, but she did set it up and dosen't remember it. There is no way that iTunes could have set it up without her help AND know what her Apple ID password was. iTunes does not store any passwords in plain text - basic security design. And you will see that everyone who has figured out what their backup password was has reported different passwords. It's just not believable that iTunes chooses passwords at random when it doesn't know what passwords you have used for other secure activities. How, for example, would Apple know your corporate domain password (which many people have discovered)? Or your computer's login password?

This is a getting to be a pretty long thread but other people experience this too... she didn't encrypt her database. She backed up with iCloud.

Yes... Apple knows your AppleID passwords. All of them as they don't let you use the same ones within a year or something. So it's perfectly feasible that they choose a password from that list... maybe the first. One that she used when encrypted databases weren't even available. So how does that make sense?

And I am not saying they do but it would be easy for Apple to obtain your corporate password and computer password... it's all stored in the Keychain and now that is in iCloud too. They build the OS... perfectly easy to do. And log your encryption key. It's the same thing that malware does but they have access to the root functions so they could bake it in. Again... I am not saying they do... I am just saying if it would be easy for someone... it'd be the company that builds the operating system.

If it was in the keychain it wouldn't be necessary to prompt for it; the keychain would have filled it in. As it does for mine.

So here are the two scenarios:

1. Apple deliberately had iTunes check the Encrypt Backup checkbox, then chose a password at random from the Keychain. Or somehow knew the corporate ID that some people have found to be the key, even though it never existed in cleartext on the computer, but only in the corporate Active Directory server. Or somehow knew the iPhone's unlock code, which is only saved on the phone, never in iTunes.

2. She accidently checked the Encrypt Backup checkbox years ago, was prompted for a password, and entered her Apple ID password at the time as it was iTunes asking for it. Then forgot the incident, because it never occurred to her that it was the password to encrypt the backup.

Which do you consider the most likely?

I didn't say Apple did that. You asked "How would Apple know your corporate domain password or computer's login password?" And I am saying via the Keychain which they built.

I would absolutely beleive that my sister accidently checked the box. Except the password that was hers existed before encryption was even an option. They didnt' always encrypt your backups. She also never synced her iPhone... one of those users that only bought and used things on the phone itself. I created the backup before changing phones. Like I said, her mistake was syncing ON the phone via iCloud.

I am not saying anything nefarious is going on... it simply seems like a bug in the iCloud backup.

The only reason I posted was to re-affirm others to try ALL their passwords no matter how unlikely.

I agree with Lawrence! It's not right that Apple implemented this but it's one of your old passwords!

I was bored so I tried all the passwords that I could think of and it finally worked!

**** Apple!

Thanks! Your tip helped me. Don't remember setting it in first place.

Your itunes password has nothing to do with the encrypted backup passcode, and Keychain does not store them. Whne you created your back up and chose to make it encrypted, before the backup was complete it gave you the option to create the passcode as well as a disclaimer that pretty much says that if you forget the passcode there is absolutly nothing anyone can do about it. The passcode is stored locally on your device and nowhere else. You created it and you are the only person with access to it.

This probably wont help but my password was 1234

Yeap 1234

I never created any password for this encryption and I spent 3 days trying every password.

I use keepass 3 to store all my passwords and knew there was something wrong when I didnt have this password.

I read here http://www.flickr.com/groups/brushes/discuss/72157635390573402/ (not sure how "real" this account is) " As I also understood, the password has to be a number code from 0000 or 1111 to 9999." and said I will give it a go.

So I stared using 0000 then 1111 then 2222 then 1234 and bingo!!!!

I was one step away from deleting everyting and starting from scratch....