Lost Password to iPhone Backup

Problem with that is, the box wasn't checked. I've backed up numerous phones on here and never encrypted them because there wasn't a need. Box is only a year old. I even decided to see what would happen if I backed it up and intentionally checked the encryption box....guess what it did? Asked me to create an encryption password. So I'm really baffled now.

Once again, despite you knowing everything about everything, glitches happen. This machine is less than a year old. I use it to do IT support and have wiped/restored numerous phones on this machine. It's one of the primary functions I do for my job. So this is not something I do infrequently enough to just all the sudden forget doing it.

On top of the fact to further look into this issue, I tried another wipe restore of another phone. I intentionally checked the encrypt backup button (because it was not checked by default). It prompted me to create an encryption password.... So there goes your theory of me setting some default password years ago and forgetting it.

There is though, the opportunity that I emailed Microsoft and told them to install iTunes before I got this machine, and put an encryption password on there and don't tell me. But write a script to only enable this password on a specific date and time, and only for a specific yet to be determined phone. Or maybe it was after the 50th phone wipe/restore this arbitrary password should be enabled. But you know it all so I'm sure you are more aware of this procedure.

worked for me:

http://osxdaily.com/2013/06/26/recover-lost-encrypted-backup-password-ios/

Meaning you were able to find the original password you used to encrypt your iTunes backup.

Thanks for letting this thread know of your success using Keychain.

kismoore wrote:

worked for me:

http://osxdaily.com/2013/06/26/recover-lost-encrypted-backup-password-ios/

Not the first time that using keychain has been posted in this thread, but it's a welcome reminder. Thanks!

You could find the password for the backup encryption in your keychain. You just need to know the password of the computer you used to back up the phone in order to see the password in the Keychain (just click show password). That's at least how I found my password, which I had completely forgotten since my first encrypted backup.

I think this must be displayed only once, the first time a user performs a backup?

Same exact issue just happened to my wife - she got a new phone in the mail. Performed a backup of her old phone - on a computer on which it had never before been backed up. She was not asked to choose a password for the backup, or given any sort of prompt or warning about the encryption etc.

She performed the backup. And now she can't restore this backup - which she JUST MADE - because it's asking her for a passcode. She has no recollection of ever entering a passcode for her backups. Perhaps she did create one - several years ago. Who knows. Point being: the user should be told when creating a backup that the backup will be locked.

And, again, it should also be made very clear that this password will be the same forever - which is kind of weird, when you think about it - and can never be changed in the future, or recovered if you forget it. Again, each time a backup is made, it would be better to remind the user about this and ask if they would like to create a new password.

In general cybersecurity protocols specify that no password should ever be recoverable. If you access a site that can tell you what your password was you should cease using that site, as any hacker worth her salt can steal your password.

Um, you mean like every site I've ever used in my entire life?

Dustin Hansen wrote:

In general cybersecurity protocols specify that no password should ever be recoverable. If you access a site that can tell you what your password was you should cease using that site, as any hacker worth her salt can steal your password.

Um, you mean like every site I've ever used in my entire life?

Yep. I suggest that you use secure sites instead.

Dustin Hansen wrote:

Um, you mean like every site I've ever used in my entire life?

None of the sites that I access store my password in plain text. Partly because if they did I closed my account with them. But none of my banks, credit cards, or even ordinary sites if the designers were even vaguely competent can tell me my password even if I ask. They may give me a way to reset my password once I prove who I am, usually by sending a link via email or text that goes to a one-time password setting page. At least one site I use won't even do that; if I forget my password my account is never again accessible; I would have to create a new one. And a lot of apps work that way.

A properly designed site should not save your password in plain text. It should encipher it using a strong hash algorithm, ideally SHA-256 or stronger. And it should add a "salt" to your password, such as your user number or something else unique, so two people using the same password will have the same hash value. As an example, from a site I designed, here is my hashed password: 40e8f46cc66d268e02dd832cd5606f746a40b993. While not impossible, it would be very difficult to determine my actual password from that.

When you enter your password the site should apply the same rule that was used to create the password and compare the result to what was stored. If they match, you entered the correct password.

SophieDutton wrote:

It is the password that you use to log into your account on your computer. I had this issue to until I typed in my computer password. I hope that this helps!

Well, that's what it is if that's what you typed the first time you made an encrypted backup. But I suggest you read other messages in the thread; there are dozens of different passwords that worked, because people entered dozens of different passwords when they made their first encrypted backup.

Perfect. It worked for me.

I had tried to type my password while connected via wi-fi but none of my usual passwords was accepted.

After connecting the iPhone to the Computer via USB, the password worked. In my case the password was my AppleID password. I don't remember having set this password up, but it worked anyway. My problem is solved. Thanks you, unclefungus!

Just chiming in like the 14,000 other people this has happened to. Like most of you I didn't remember doing this at all and thought it was some crazy Apple shenanigans. Quite frankly in the end, I just got lucky. Here was my adventure...

1. Backup old iPhone 6 to iTunes in preparation for new iPhone 7.

2. Get new iPhone (yay!) and try to restore from old backup.

3. Get an error regarding iOS versions...no biggie, update both phones to same iOS.

4. Restore from backup, easy right? Nope, get that lovely password error...poo.

5. Spend the next hour throwing every password ever at it (even tried my old MySpace one) - no dice.

6. Call Apple. Rep professionally holds back laughter telling me I'm screwed.

7. Start iCloud backup with old phone so I can restore via iCloud...says it will ONLY take 12 hours...lovely.

8. Save the 10GB iPhone backup folder to a hard drive and try to use a PC program to crack that turd.

9. Brute force cracker runs for hours...this is going to take weeks.

10. Since the other options are going to take weeks let's try throwing more passwords at iTunes hoping for a miracle.

11. Miracle happens, phone restored...whew!

Password ended up being my original password for my Apple ID...I think. I'm not sure honestly because I've had to change that password 3 or 4 times. I'm sure I chose encryption in the past even though I don't remember doing it. The reason being is that little window others have shared. The whole, "If you don't encrypt your backup you won't get all your crap restored because we're worried Putin is going to steal your iPhone data" screen. So like I said before, I just got lucky. Thankfully it doesn't appear there's a limit on how many times you can guess your password so keep trying, and good luck!

That brute force cracker is still running as we speak. I'm going to let it finish just to see how long it takes, lol!

Apple is not watching here. Encrypted backups work as Apple intended them to; a guaranteed secure way to protect your data. No one can decrypt your data; not law enforcement, not the thief who steals your computer, not your spouse, not your ex's lawyer. Unfortunately, the side effect is that you can't either if you don't remember the passcode that you created. The user's part of the process is to remember or record passcodes.

However, Apple does give you a way to make backups and restore them if you do forget your passcode, using iCloud backups, which are almost as secure as local encrypted backups and don't require you to remember your backup passcode. You do have to remember your iCloud password, however.

After spending hours frustrated with this trying every password - I found my solution. There is CLEARLY a bug here. I entered every password I could think of over and over while trying to uncheck the Encrypt iPhone backup box. With all hope nearly lost, I tried to give it go to CHANGE my password instead. I entered my "Old" password (one of many that I had tried while attempting to uncheck the Encrypt iPhone backup box) and then entered a new different password. It worked.

Anyone claiming that Apple does not have a bug here is WRONG. There is no reason that my password was incorrect when I attempted to uncheck Encrypt iPhone backup, but it was correct as my "Old" password when trying to Change Password.

I hope this may work for other people!

I had this same issue. I had tried EVERYTHING that I could find on internet, support groups, forums etc. but nothing worked. Even tried a brute force cracker.

Then I just gave up. Later I connected to another windows laptop I had and viola!!!! my usual password worked there. Also in my everyday laptop the entire memory was eaten up by a single component "Others" however in other laptop I could see all the components with some portion of "Others"

It gave me an idea and I unistalled and reinstalled iTunes in my regular laptop and I was extremely relieved and happy to see that there was no backup password and also the "Others" portion was minimal.

Try this method and let me know.