You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

After the upgrade to iOS 16.1 from iOS 15.7, with no other changes to my paired iMac, my iPhones now both routinely ask me to type in my passcode to trust this computer and start a backup. This happens whenever the device is put on charge, even if only to AC power, and the sync and backup happens over Wi-Fi. Why, and how do I put a stop to it so it goes back to the iOS 15 and expected behaviour of doing the sync and backup over Wi-Fi automatically and immediately when the device is put on charge?


I've looked around and tried various solutions, all to nothing. I reset privacy and network settings, repaired over USB, restarted everything, etc. It's still happening.

iPhone 13 Pro Max, iOS 16

Posted on Oct 31, 2022 2:20 PM

Reply
Question marked as Top-ranking reply

Posted on Nov 3, 2022 9:59 AM

Upgrade to 15.7.1 or 16.1 causes the iPhone, iPadMini and iPad to require entering a pass code EVERY TIME to do a backup to Windows iTunes 12.12.6.1 The automatic backups are broken. Prior versions only required a one time entry of the pass code to trust the device (PC running iTunes) and then would resume automatic backups after a software upgrade.

Similar questions

158 replies

Nov 20, 2022 10:48 PM in response to dmdx86

dmdx86 wrote:

I’m sure Apple would love to nudge people towards one of their paid iCloud plans (and I actually have one, but not for device backups) but I won’t use iCloud for device backups until Apple implements end-to-end encryption, which they currently do not. iCloud backups (and iOS vulnerabilities) are the only way the government or malicious actors can get at your data due to the lack of E2EE.

Ditto. The irony here being that if backups were E2E-encrypted, and if third-party audiobooks could be synced in the same fashion as third-party EPubs and PDFs, I'd both have no need for local sync and backup, and would gladly pay for more storage. As it now stands, I pay for 50 GB storage, and this morning I received the "Your iCloud Storage is Almost Full" email for the first time in a goodly while. I am distinctly unamused.


Thanks for pitching in.


After testing, I find that whether or not the local backup is encrypted is irrelevant; the passcode prompt appears anyway. If you don't get the passcode prompt, make sure you're on iOS >=16.1, and are using local backups (not just sync).

Nov 21, 2022 6:41 PM in response to Lawrence Finch

Mmm. But notice here that Apple's approach was and is very cack-handed, in that instead of solving the problem on the Mac, where the problem actually is, or in securing the backup encryption path with a one-time prompt gate, they've simply decided to prompt every single time. Since Apple Support are now actively being asked to wave off questions about this, I think it's an open question what Apple's actual position is, but I definitely wouldn't rule out an end to automated local backups, at least not without significant changes. Maybe it really is just that everyone at Apple uses iCloud and this was just a mistake, though. Who knows? I don't blame the researcher for pointing out the flaw. I'm just sorry Apple "fixed" it so stupidly.

Nov 22, 2022 7:52 AM in response to Jaimito_November11

The reason it isn’t required for iCloud backup has nothing to do with absurd conspiracy theories; it’s because iCloud backups are protected by your Apple ID password and 2 factor authentication.


The reason it is required for computer backups is because there is an identified vulnerability that has been seen in the wild that would allow a bad actor to back up, and then gain access to the backup on a computer, as reported in the National Vulnerability Database→https://nvd.nist.gov/vuln/detail/CVE-2022-32929

and as described in a “how to" here→https://theevilbit.github.io/posts/cve-2022-32929/


Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup. If the backup is not encrypted it is trivially easy to get most of the content of the phone. If it is encrypted, it’s harder, but, as there is no limit to the number of guesses of the backup password it is always possible to set up an automated process to guess the password.


And the reason just asking for it once is inadequate is because the hacker can run their hack after the passcode has been entered that one time.



Nov 22, 2022 10:00 AM in response to Lawrence Finch

"Or it’s possible that they have information that you don’t. "


Ahh, the old, "It's not impossible," so we must treat it as if it's true," approach. It's called sophistry, and it's no substitute for facts. Saying that something is possible has no connection to it happening or not happening.


As for my qualifications for making my observations, I designed computers and computer systems for 40+ years, and learned programming on the LGP30, a desk size computer designed by Stan Frankel, who helped design ENIAC. I ended up as chief engineer of an industrial barcode reader company. I've also worked in quality assurance and product testing, so I'm not giving supposition and maybes.


If it makes sense for Apple to require a passcode when making a hard connection to the computer because the computer might be infected, that reasoning does NOT magically vanish when it also backs up to the iCloud.


And if facial recognition is safe enough to open your phone and grant access to everything on it, it's also safe enough to authorize backup—especially if allowing it would, at the same time, remove the need to manually type in those pesky numbers. One small change and two problems solved.


And, there is also absolutely no reason to back up a phone that has been used for nothing since the last backup. Time Machine doesn't. But disconnect the phone from the computer and reconnect it again, and the full process repeats.


The thing is, Apple programmers make mistakes, as we all do. It's the function of the QA department to catch those errors, via beta testing, and formal acceptance tests. But they didn't. They also apparently don't make use of a feedback resource like these forums. And that's a mistake.

Nov 22, 2022 7:13 PM in response to Jaimito_November11

It works like this: I present my views and you present yours. The fact that you disagree with my presented solution is irrelevant, unless you can present factual evidence that refutes it—in which case it's a discussion—which is the purpose of this area.


And since Mr. Finch made a snide comment belittling my level of knowledge it's perfectly reasonable for me to set the record straight—and certainly not a reason for you to attack.


I will say this, though, were my programmers to have screwed up this badly, and in so many ways, without it being caught, I would have been finding a new QA manager.

Nov 24, 2022 9:09 AM in response to sgucukoglu

Apple’s backup encryption is strong, however, if you have the password (which is the encryption key) you can access the backup. And Apple gives you unlimited guesses, which is sufficient if the computer itself is secure. Further, the backup is in protected storage owned by iTunes or Finder, so the only way to try password guessing is with iTunes (or Finder for Mac OS Catalina or later), which makes it a manual process.


This hack, however, allows the bad actor to make a backup elsewhere on the computer, when it is not restricted to iTunes or Finder, allowing automated password guessing.


And, since the hack has been published widely it would be certain to be used to hack iPhone backups if the requirement to enter a password on the phone did not exist. I’m sure there is a more elegant solution that Apple is working on, but this was an emergency situation when the method of hacking a backup was made public.

Nov 24, 2022 10:39 AM in response to Lawrence Finch

Seems to me that if an outside party has control of your computer to that extent, they hardly need your phone data.


"This hack, however, allows the bad actor to make a backup elsewhere on the computer, when it is not restricted to iTunes or Finder, allowing automated password guessing."


And forcing the user to type the phone's access numbers would change what? You simply write the malware code to ask for the password, the user types it, and they own the data. The phone's password does nothing, so far as protecting the data.

Nov 27, 2022 1:48 AM in response to Lawrence Finch

Forcing me to type in my passcode to back up to a computer I am physically connected to and have previously trusted for syncing other content might make sense ONCE.


Requiring it EVERY TIME is beyond idiotic. It makes automatic backups to your Mac error-prone (miss the prompt and the backup times out, meaning you don't get a backup that day).


I'm sorry, but there's no way to spin this design change as a "feature" or "security improvement" when it breaks such a fundamental information security practice as maintaining current backups, and I've said as much to Apple in my feedback submission. If your "security improvement" makes the product overall worse you've improved nothing.

Nov 27, 2022 7:44 AM in response to Michael Graziano

I guess you didn’t read the thread you posted to.

Michael Graziano wrote:

Forcing me to type in my passcode to back up to a computer I am physically connected to and have previously trusted for syncing other content might make sense ONCE.

Requiring it EVERY TIME is beyond idiotic. It makes automatic backups to your Mac error-prone (miss the prompt and the backup times out, meaning you don't get a backup that day).

The reason it is required for computer backups is because there is an identified vulnerability that has been seen in the wild that would allow a bad actor to back up, and then gain access to the backup on a computer, as reported in the National Vulnerability Database→https://nvd.nist.gov/vuln/detail/CVE-2022-32929

and as described in a “how to" here→https://theevilbit.github.io/posts/cve-2022-32929/


Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup. If the backup is not encrypted it is trivially easy to get most of the content of the phone. If it is encrypted, it’s harder, but, as there is no limit to the number of guesses of the backup password it is always possible to set up an automated process to guess the password.


And the reason just asking for it once is inadequate is because the hacker can run their hack after the passcode has been entered that one time.


It is a FACT that this vulnerability exists and has been used by criminal hackers.


Nov 27, 2022 8:25 PM in response to Lawrence Finch

"Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup."


First, if Windows machines are a problem, then you make Windows machines the ones requiring a password.


Next, saying "a smaller, but significant, number of Macs" have the invading malware problem is meaningless. What percentage actually have the problem? How many machines have actually encountered the problem, as against quoting statistics on malware, in general? And...since those compromised machines are unlikely to have decent protective software, they're inconveniencing everyone who uses their computer for backup, when the problem computers have already been compromised in every other way.


And finally, given that allowing facial recognation would both give the password protection you feel is necessary and eliminate any required typing on the user's part, there is no defense for keeping the situation as it is now.

Dec 1, 2022 6:54 AM in response to sgucukoglu

This is what I dislike about this community - answers rarely address the question and Apple ignores everything said out here.


The problem, simply put, is the upgrade to IOS 16 caused the automatic backups of my iPhone to my Macbook to suddenly fail spectacularly. And yes, I said fail because they no longer happen automatically. They require manual intervention.


Every morning, prior to the IOS 16 upgrade, I would put my iPhone on the magsafe, go into my office, start my macbook and go about my workday. Now, when I start my macbook, I get a message saying my iphone is locked and I need to enter a passcode in order to back it up. I have to do this every time.


I don't care about synch, I don't care about itunes and I don't care about "using a lot of battery". I don't want to turn off synch and I don't want to turn off show this iphone. What I want is my iphone automatically backing up to my laptop every day so that I always have a full, restorable backup of my phone. I should not have to enter a passcode for this to happen between two devices that trust each other.


And using the "It's in the name of security" excuse is a fallacy. By that definition of "security", we would have to enter a passcode every time we connected out earbuds or our magic mouse. Once I introduce my laptop to my phone, they know each other and should talk to each other without any intervention.

Dec 1, 2022 7:57 AM in response to Lawrence Finch

"...it is trivially easy to get most of the content of the phone"

If they have hacked my Mac, they don't need any content from my iPhone.


Emails? Texts? Contacts? Photos? Documents? All of that is already on my Macbook. What is also on my Mac are previous iPhone backups. What does the passcode for a new backup do to prevent them from accessing those?


Again, saying that preventing two devices that trust each other from communicating is a "security" thing is a lie.


The main factor of my moving from a Microsoft world into an Apple world was the interoperability of the Apple products. If Apple is moving away from that interoperability, calling it "security" and not providing a way for me to opt-out, it might be time to move on.


"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.