Lost Password to iPhone Backup

Lawrence Finch wrote:

m-zreik wrote:

I lost backup password. But I dont remember that i put any password . is their any solution to get back my backup??

Start guessing. You entered it, twice, possibly years ago. It never changes. You get unlimited guesses. to speed up the process uncheck "Encrypt Backup" and you will be prompted immediately. If you are like most people you reused a password, probably related to your iPhone or your Apple ID. If you have a company MS Exchange account on your phone it might have been a company email or domain password, and on rare occasion, it was actually entered by your system administrator.

To jog your memory, I have created a list of passwords that users in this thread have discovered when they guessed the right one:

• First iTunes account password (40 different users)
• Old iTunes account password, but not the oldest one
• Password used for almost all accounts (3 different users)
• All digit Password created a long time ago
• Computer/laptop login password (4 users)
• Laptop password (2 users)
• Computer password (4 users)
• Email password (3 users)
• iTunes with no capital letters
• Password not used anywhere else
• All numeric used in the past
• Password for old gaming site
• PC password (5 users)
• “iphonelogin”
• work computer password
• Current app store password (2 users)
• Paypal account password
• iPad unlock passcode
• Strongest variation of the base password I have ever used
• Old password
• Old work password
• Macbook password (2 users)
• Restriction passcode
• Gmail password (2 users)
• Current Apple ID password (2 users)
• Apple MobileMe password
• Apple ID password, but all lower case (8 users)
• Apple ID password, first one ever used, but all lower case (2 users)
• iPhone passcode when corporate profile was installed
• Passcode for a website
• iPhone screen unlock passcode (9 users)
• iPhone unlock passcode at the time the first backup was made (3 users)
• First password for work computer
• Old password used over 2 years ago (2 users)
• Previous owner’s iTunes password
• Current laptop password
• Wireless network password
• Electric bill and Skype password
• icloud password, all lower case
• Windows login for very old laptop
• iMac password (3 users)
• First iPhone 4 digit passcode
• iTunes password from last year
• 4 year old password
• iTunes password (current) (3 users)
• Old PC password
• Password for “Good” application
• Password used for everything+1234
• 1234 (4 users)
• 12345 (2 users)
• 0000
• Password I use for everything else (2 users)
• One of my husband’s passwords
• Some old non-Apple product password
• Screen passcode of the first iPhone that was backed up (2 users)
• Old password with different case on first letter
• “password” (2 users)
• Windows Administrator password (2 users)
• Original Windows Administrator password
• Mackbook administrator password
• “iphone”+4 digit unlock code
• Voicemail password
• asd
• “herpderp”
• “darwin” (first name from credit card account)
• First name, all lower case
• Ms Exchange account password
• Facebook password
• Browser password
• Network admin password

Nice list, Lawrence! My god, I can't believe this issue is continuing. ITunes needs to warn people about the implications of entering a password for a backup. If it said "This password will be used automatically without prompting for all future backups. Please record it in a safeplace" then people wouldn't continue making the same mistake they've been making since this thread started 7 years ago.

Yes, I've suggested it at Product Feedback - Apple. If all the people here reporting problems did too then it would be fixed.

NEW UPDATE:

If you can’t remember the password for your encrypted backup

You can’t restore an encrypted backup without its password. With iOS 11 or later, you can make a new encrypted backup of your device by resetting the password. Here’s what to do:

1. On your iOS device, go to Settings > General > Reset.
2. Tap Reset All Settings and enter your iOS passcode.
3. Follow the steps to reset your settings. This won't affect your user data or passwords, but it will reset settings like display brightness, Home screen layout, and wallpaper. It also removes your encrypted backup password.
4. Connect your device to iTunes again and create a new encrypted backup.

You won't be able to use previous encrypted backups, but you can back up your current data using iTunes and setting a new backup password.If you have a device with iOS 10 or earlier, you can't reset the password. In this case, try the following:

• If someone else set up your device, ask them for the password.
• Use an iCloud backup instead of iTunes. If you don't have an iCloud backup, you can make one.
• Try using an older iTunes backup.

The phone didn't have a passcode on it, so maybe there is some mechanism that tells it to produce somebody cloning a phone while the person is in another room.

Seriously?

Let me ask again... how much more proof do those who can't recall putting a password in place need?

It need not have been in those few minutes. It could have been created initially years ago and has been carried forward.

Several users have come back to this thread, telling us they "found" their password after all.

It is accepted that we all forget stuff. I forget stuff. We all do. We are human.

However, when I am told this...

I then take an absurd amount of care to store that password somewhere safe. I was told in no uncertain terms it is my responsibility. "no way" is pretty clear. I don't blow past dialogs of valuable information and warnings. And if I ever do, and I will admit I have... I take responsibility for my actions.

This thread has many accusations of Apple inserting passwords secretly in to iTunes backups without the user's knowledge or permission.

So here's what is shown when creating a backup for the first time:

This is really vague and ambiguous, given the importance and unstated "fine print" around this whole process... And doesn't include any information about the fact that this password will be unchanging forever, will be used for all future backups, is unrecoverable, and will be required into the indefinite future in order to use any backups made from now until eternity. (Again, better option would be to ask the user each time they make a backup if they want to create a new password, or use the existing one.)

Beyond that, it's not even clear that this is CREATING a new and separate password. This is why people are confused - if you don't think about it very closely, it might appear to just be asking you for your login password (since Mac OS sometimes asks for that), or for your Apple ID password (since that's what people are familiar with entering for such things).

Seems to me it would be a nice option, actually, to let people use their Apple ID if they choose, since it's one less password to remember. And then if/when you change your Apple ID password, you can still access your backups. In either case, if that's not possible for some reason, then make it CLEAR that this is NOT the Apple ID password, but a completely new and separate password being created.

p.s.: the only reason I saw these dialogs was that previously I was backing up to iCloud, but ran out of space so started using local backup instead. So this might be something to try BEFORE you create your backup (for example, if you know in advance that you don't remember this special password, but want to create a new backup) - on your device, go into Settings > iCloud > Backup and switch the toggle (so if you're currently backing up to iCloud, turn it off, or if you're NOT currently backing up to iCloud, then turn it on). Then the next time you go to create a backup, iTunes will ask you if you want to use encryption, and let you create a new password for it if you choose to do so.

Sorry this is long, but hopefully it helps.

Dustin Hansen wrote:

I think this must be displayed only once, the first time a user performs a backup?

Correct. This is what is displayed:

She performed the backup. And now she can't restore this backup - which she JUST MADE - because it's asking her for a passcode. She has no recollection of ever entering a passcode for her backups. Perhaps she did create one - several years ago. Who knows. Point being: the user should be told when creating a backup that the backup will be locked.

She must have, because that's the only way an encrypted backup can be made.

And, again, it should also be made very clear that this password will be the same forever - which is kind of weird, when you think about it - and can never be changed in the future, or recovered if you forget it. Again, each time a backup is made, it would be better to remind the user about this and ask if they would like to create a new password.

Well, if you think about what the password actually is - it is not a "password" in the usual sense. It is the encryption key for the backup. As a result, it isn't saved anywhere, unless you check "Remember this password in my keychain" when you first set it. As it isn't saved anywhere, there is no way to change it unless you know the password. And no way to recover it, for the same reason. In general cybersecurity protocols specify that no password should ever be recoverable. If you access a site that can tell you what your password was you should cease using that site, as any hacker worth her salt can steal your password.

You CAN change it anytime you want to by clicking the Change Password button, or remove it by unchecking the "Encrypt..." prompt, but again, only if you know the current password:

The reason for all of this security is because it means that no one, not Apple, not a hacker, not someone who stole your phone, not law enforcement, not your ex's lawyer, can recover the contents of your phone or its backup. If there were any way to access the backup or change its password without knowing it all of these people would be able to hack the backup or get a court order to recover the information.

There is one professional tool that can recover the password if you are not in the habit of using strong passwords. I'm not allowed to post a link to it, but it shouldn't be hard to find. It isn't cheap, however, because its target market is law enforcement.

If you are in the habit of reusing passwords, you can start going through them one by one and you will probably be able to guess it. Many people have found that it was an old Apple ID password, or screen unlock password, or domain login password. To speed up the process uncheck "Encrypt password" and you will be prompted immediately, and you get unlimited guesses.

And if you can't the workaround is to use iCloud for your backups. They don't require a password, and they are encrypted.

ADDENDUM: Apple does provide information in the manual and in the knowledge base: About encrypted backups in iTunes - Apple Support

In this tip it says:

There is no way to recover your information or turn off Encrypt Backup if you lose or forget the password.

That probably should be in a more prominent place.

Just keep denying there is a problem. You'll feel better.

Nobody here disputes there is a problem.

What the problem is may be up for debate. A wild conspiracist theory run amok is the problem IMO.

It has been proven beyond any doubt that Apple has not been adding or creating encryption passwords for iTunes backups. This can't be what keeps this inane conversation going. What does is posts like yours, continuing to imply someone else is responsible. Each of those who recalled or reverse-engineered their encryption password(s) came to realize that the password was indeed set by them at some point and being human, they forgot not only the password, but that they created and entered that password in iTunes.

You continue to imply something else. I haven't figured out exactly what. The struggle?

As an aside...you have attacked me personally in this thread.

My upbringing? You have no right to say such stupid things to anybody here in this community.

This was *after* apologizing to me in this same thread. I just don't get it.

What happened to the test you were going to run with your wife's phone?

Once again... I'll agree there is a downside to any process that relies on one's memory so much. To lose access to a backup due to a forgotten password is not pleasant.

But place the responsibility for this squarely where it brings and stop creating the idea that big bad Apple is behind this.

Apple also doesn't tell you that the password will change. As it's the encryption key, it won't change.

Apple assumes a certain level of intelligence in interpreting what you read. This is the password dialog:

You will notice that it says "Enter a password to protect your [iPad|iPhone] backup." Nowhere does it say this password is for any other purpose, or does it say that it has anything to do with any other password.

AppleNGO wrote:

Try the password you use to get into the computer where the backup is stored while connected to that computer via USB

Yes, that will work, but only if that is the password you entered twice into the Backup Password dialog when the first encrypted backup was created:

I had the same issue. Tried all my passwords and thought it was a bug. Then checked to see if the back up was actually encrypted via Preferences and indeed it was. I then tried my first ever Apple ID password (which I hadn't tried yet) and it worked. So if it shows as encrypted, you have to find the password.

is when we set it up we didn't realize we were setting up a password for the backup (and all backups to follow apparently?!)

What other purpose does a password have?

Once set, *any* password is required going forward until you either change or reset it. What password is one time?

Since you can't reset an iTunes encrypted back up password, that means you MUST be able to enter that same password again.

As is documented by Apple.

How much clearer can this be stated? "No way" is not ambiguous.

About encrypted backups in iTunes - Apple Support

When you created the first backup you saw this:

What isn't clear about "Enter a password to protect your iPad(iPhone) backup." It does NOT say enter your iTunes password. It clearly says it is a password for the backup. And, while some people used their iTunes password, many did not, so a lot of people understood the message. I posted a list of different passwords that users have found to be the one they used, further up this page. Out of 156 users in this thread when I created the list only 40 (about 1/4) used their iTunes password.

It is not simply a password. The text of this password is used to create an encryption key to protect the backup's data.

The owner of the data, who made the choice to create the password, is helped by a password/encryption key that cannot ever be recovered by anyone, other the the creator of said password/encryption key.

It took me hours figuring this out. I do not remember putting password as well, and tried several possible passwords, tried atleast40. Attaching pictures here of what worked for me. Used steps 1-4 from "if you can't remember the password from your encrypted backup" and then Steps 1 and 4 from "Edouard G". Hope this helps.

I have a Windows 10 laptop, and I did an encrypted back up of my iphone 6 using iTunes. I set the password (using the same password as my apple id password), yet it would tell me that the password was incorrect. After several attempts and reading through this support page, I encountered a message that helped me. It reads as follows:

"

Jessi HanceJul 20, 2012 4:39 PM in response to elabianca

Level 1 (63 points)

Notebooks

Jul 20, 2012 4:39 PM Re: Lost Password to iPhone Backupin response to elabianca

Hi elabianca, look in your Keychain Access app, in your Utilities folder. Launch it, search for "iphone backup", and chances are you'll get a match. Open the item, click "show password" and enter your Mac system password.

"

I then put 2 and 2 together and since I have Windows 10, I decided to use my Windows 10 password for the password that I was being asked for the restore backup. Guess what? It worked! Hope this helps.

Feedback for Apple goes here >>> http://www.apple.com/feedback/

I will suggest it is not as simple as resetting a password. The backup has been encrypted on a users device.

To allow access to the backup, it must be decrypted first. Not just reset, but the data for the backup must be processed in some way.

I'll guess the challenge is in doing that decryption on a user's remote system. iCloud is completely different, in that iCloud data is hosted by Apple on a user's behalf and secured with your Apple ID and password.