"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

I am just humbly trying to get a solution to a bonehead mistake made by apple which seems to be to make things more difficult for the users to increase their business. The only one clowning the people is Apple

In case anyone is interested, the problem I reported, where the phone asked for the password each time the phone was plugged into a Mac seems to have vanished...at least on an iPhone 14 running IOS 16.1.1—though that wasn't true last night with the same IOS and phone.

Strange are the ways of Apple.

So, due to yet another Apple screw-up, I was wrong when I said the problem had vanished. In reality, when the automated migration software said it had transferred my old phone data and settings to my brand-new iPhone 14, I believed it. But, it turns out that though the old phone didn't back up via iCloud, the default for a new phone—no matter what the old phone's setting was—is to back up on iCloud. I turned that off and the Mac is back to requiring a code to back up with every connection.

But that relates directly to the discussion of why the number is required at all, and is yet another screwup: If requiring a code when only backing up on the computer serves to protect the data on the computer, why does it stop asking for a code when iCloud backup is also enabled? Plugging it into the computer will STILL cause the phone to back up locally. Does the iCloud backup magically protect the data in the computer? And, they forgot to allow facial recognition to do that job—yet another screwup. It replaces entering the manual code when opening the phone, but doesn't work when the phone's verified owner uses it for backup? That makes no sense.

All of this crap should have been found both in beta testing, and their quality assurance accepting testing.

So the problems, as I see them:

1. Asking for a password—and backing up—each time the phone is wire-connected to the computer, even if disconnected for only a minute and the phone has not been used since the last backup.
2. Turning on iCloud backup turns off the requirement for the password on the computer.
3. Facial recognition—which would solve problem #1—does not work for backups.

I am sure apple revenue management know more than you, specially as the pin on the telephone is not requested to back up in the apple’s cloud, which safety i question more than my personal computer which bybthe way was already authorized by my iphone. Try to understand that this is another dirty trick from apple

"Or it’s possible that they have information that you don’t. "

Ahh, the old, "It's not impossible," so we must treat it as if it's true," approach. It's called sophistry, and it's no substitute for facts. Saying that something is possible has no connection to it happening or not happening.

As for my qualifications for making my observations, I designed computers and computer systems for 40+ years, and learned programming on the LGP30, a desk size computer designed by Stan Frankel, who helped design ENIAC. I ended up as chief engineer of an industrial barcode reader company. I've also worked in quality assurance and product testing, so I'm not giving supposition and maybes.

If it makes sense for Apple to require a passcode when making a hard connection to the computer because the computer might be infected, that reasoning does NOT magically vanish when it also backs up to the iCloud.

And if facial recognition is safe enough to open your phone and grant access to everything on it, it's also safe enough to authorize backup—especially if allowing it would, at the same time, remove the need to manually type in those pesky numbers. One small change and two problems solved.

And, there is also absolutely no reason to back up a phone that has been used for nothing since the last backup. Time Machine doesn't. But disconnect the phone from the computer and reconnect it again, and the full process repeats.

The thing is, Apple programmers make mistakes, as we all do. It's the function of the QA department to catch those errors, via beta testing, and formal acceptance tests. But they didn't. They also apparently don't make use of a feedback resource like these forums. And that's a mistake.

It works like this: I present my views and you present yours. The fact that you disagree with my presented solution is irrelevant, unless you can present factual evidence that refutes it—in which case it's a discussion—which is the purpose of this area.

And since Mr. Finch made a snide comment belittling my level of knowledge it's perfectly reasonable for me to set the record straight—and certainly not a reason for you to attack.

I will say this, though, were my programmers to have screwed up this badly, and in so many ways, without it being caught, I would have been finding a new QA manager.

Seems to me that if an outside party has control of your computer to that extent, they hardly need your phone data.

"This hack, however, allows the bad actor to make a backup elsewhere on the computer, when it is not restricted to iTunes or Finder, allowing automated password guessing."

And forcing the user to type the phone's access numbers would change what? You simply write the malware code to ask for the password, the user types it, and they own the data. The phone's password does nothing, so far as protecting the data.

JayGreenstein wrote:

And forcing the user to type the phone's access numbers would change what? You simply write the malware code to ask for the password, the user types it, and they own the data. The phone's password does nothing, so far as protecting the data.

Yes, if someone who wasn’t planning to back up their phone was prompted for their passcode and they didn’t get suspicious then they would be giving away the keys to the kingdom.

Just like the people whose phone has been stolen, then fall for the common phishing scam: You get a text or email from “Apple” or “Apple Security” (or sometimes “Police”) saying your phone has been found and to click on a link to see its location. This is NEVER from Apple or from law enforcement; it is from the thief or fence to steal your Apple ID and identity. Delete any such message without responding to it. Apple never gets involved in lost or stolen devices→Avoid phishing emails, fake ‘virus‘ alerts, phony support calls, and other scams

Or the people who are told to send money from Apple Cash, Google Cash, Zelle, Venmo or Paypal and do so.

You can’t protect people from themselves, but you can give them a chance to protect themselves.

Forcing me to type in my passcode to back up to a computer I am physically connected to and have previously trusted for syncing other content might make sense ONCE.

Requiring it EVERY TIME is beyond idiotic. It makes automatic backups to your Mac error-prone (miss the prompt and the backup times out, meaning you don't get a backup that day).

I'm sorry, but there's no way to spin this design change as a "feature" or "security improvement" when it breaks such a fundamental information security practice as maintaining current backups, and I've said as much to Apple in my feedback submission. If your "security improvement" makes the product overall worse you've improved nothing.

"Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup."

First, if Windows machines are a problem, then you make Windows machines the ones requiring a password.

Next, saying "a smaller, but significant, number of Macs" have the invading malware problem is meaningless. What percentage actually have the problem? How many machines have actually encountered the problem, as against quoting statistics on malware, in general? And...since those compromised machines are unlikely to have decent protective software, they're inconveniencing everyone who uses their computer for backup, when the problem computers have already been compromised in every other way.

And finally, given that allowing facial recognation would both give the password protection you feel is necessary and eliminate any required typing on the user's part, there is no defense for keeping the situation as it is now.

This is everything to do with 16.1 because it didn't happen before I upgraded to 16.1 on my iPhone. Is there another solution as I need to "automatically sync when this iPhone is connected" every time I connect my iPhone to my MacBook Pro?

This is what I dislike about this community - answers rarely address the question and Apple ignores everything said out here.

The problem, simply put, is the upgrade to IOS 16 caused the automatic backups of my iPhone to my Macbook to suddenly fail spectacularly. And yes, I said fail because they no longer happen automatically. They require manual intervention.

Every morning, prior to the IOS 16 upgrade, I would put my iPhone on the magsafe, go into my office, start my macbook and go about my workday. Now, when I start my macbook, I get a message saying my iphone is locked and I need to enter a passcode in order to back it up. I have to do this every time.

I don't care about synch, I don't care about itunes and I don't care about "using a lot of battery". I don't want to turn off synch and I don't want to turn off show this iphone. What I want is my iphone automatically backing up to my laptop every day so that I always have a full, restorable backup of my phone. I should not have to enter a passcode for this to happen between two devices that trust each other.

And using the "It's in the name of security" excuse is a fallacy. By that definition of "security", we would have to enter a passcode every time we connected out earbuds or our magic mouse. Once I introduce my laptop to my phone, they know each other and should talk to each other without any intervention.

StMiBa wrote:

And using the "It's in the name of security" excuse is a fallacy. By that definition of "security", we would have to enter a passcode every time we connected out earbuds or our magic mouse. Once I introduce my laptop to my phone, they know each other and should talk to each other without any intervention.

I guess you didn’t read my explanation of the security issue. It is FACT, not fallacy. Here’s a link to my post, that explains why you need to verify each time to prevent your backup from possibly being hacked by criminals→"Enter your passcode to trust this comput… - Apple Community

And it is ludicrous to equate data being stolen with earbuds or a mouse, neither of which contain any data.