Q: Lost Password to iPhone Backup

Bizarre, your idea made me try it as I didn't recall setting a password.  It worked.  I disable/re-enabled encrypted backup and saving password in keychain so this doesn't happen again; thanks.

This is a pile of crap, Apple!

My wife backed up her 4s.  Went to the store.  Came back with a shiny new 6.  And somehow there's a password on her recovery file?!?!  She did not set a password!!!!!  

How to unlock!?  all her contacts are gone.  all her pictures are gone.  icloud had her apps, so thankfully she doesn't have to restore those one by one.  But still!  ***?!?!  SHE DIDN'T SET A PASSWORD!  HOW TO UNLOCK and RESTORE?!?!?!

there are only TWO ways a password can be set:

1. She set it, even if she doesn't remember doing it. Might have been 7 years ago, but she set it. Once set it never changes unless it is deliberately changed by the user.
2. The phone has a company MS Exchange account on it, and the account administrator added a security requirement that the backup must be encrypted. Even in this case she would have been prompted to enter a password the first time it was backed up.

Passwords do not get set by themselves. But people forget setting them. Or may have set it without realizing why they were being prompted for a password.

Lawrence Finch wrote:

 

there are only TWO ways a password can be set:

1. She set it, even if she doesn't remember doing it. Might have been 7 years ago, but she set it. Once set it never changes unless it is deliberately changed by the user.
2. The phone has a company MS Exchange account on it, and the account administrator added a security requirement that the backup must be encrypted. Even in this case she would have been prompted to enter a password the first time it was backed up.

 

Passwords do not get set by themselves. But people forget setting them. Or may have set it without realizing why they were being prompted for a password.

I agree. I was very sceptical at first, but I've tried a few experiments, and I think the above covers it, except there's a third case. If there's an encrypted profile on it, common on company phones, it'll force you to have a password on the phone. Company IT staff may not be aware of that side effect.

I think where people are going wrong is the last sentence in your point 1. The program gives no hint at all that you're going to need the password you set to restore from any backups made after the first one. It should make that very clear.

What to do now is to try to think of a password you might have thought up the first time you backed up, thinking you'd only need to remember it for a few minutes. Some people put their computer's password at the time, maybe not bothering with uppercase, others put their passcode or AppleID, or just qwerty, etc. Try them all, old ones, new ones, uppercase, lowercase. And if you work it out, remember it!

For what it is worth, I think Lawrence Finch is right.  I tried all my old passwords, all the tricks listed in this thread and finally went back to one really old password that worked.  I don't think there is any magic here except that your backup pw doesn't change unless you change it.  Most of us never think of it.  Then, we try doing a restore and who knows what we originally set.  Bottomline, none of the hacks suggested worked.  But the logical thing did work.

Just wanted to let you know that password I used to backup/restore my iPhone (6) was exactly the password to unlock my previous iPhone (4S) screen when it went to sleep. Hope this helpful.

You saved my evening! Original phone code was my holy grail.

I am running into the same issue.  If I created a password or not should be irrelevant.  If someone created a password there should be a way to recover it.  For example maybe creating a hint or a key file.  If you can recover  the password for bitlocker you should be able to recover the password a lot easier than having to buy a third party software that might work.  Just my thoughts on this.

So you're advocating making the security and value of an encrypted backup absolutely worthless, then?

If there were a way to recover the password, it would be useless as a security device. Try writing it down somewhere.

Not sure how you would consider it to be useless. A lot of big companies use bit locker and are able to retrieve the passwords of people that have left the company by using the recovery password feature.    I would rather have a hint or a key then to write it down.    Writing it down seems a lot less secure.

Writing it down is a lot more secure. A piece of paper can't be hacked. And you can put in in a safe. Or, you could save it in bit locker, if you believe that it is secure. I use a password vault product, but in spite of that, my important passwords are written in a book that is kept in a safe, for use of my heirs when they need access to my accounts.

The thing is, it's not just a password. It's the encryption key, and isn't stored anywhere. So there's no place to recover it from. The only way to recover it is brute force. If it's a good password it essentially makes your backup unhackable. Even with Elcomsoft's cracker.

KiltedTim wrote:

 

So you're advocating making the security and value of an encrypted backup absolutely worthless, then?

 

If there were a way to recover the password, it would be useless as a security device. Try writing it down somewhere.

I think a hint is a good idea. But the problem is not how you remember the password. The problem is that iTunes gives you no clue at all that the password you enter the first time you back up will also be used for subsequent backups. If it did then people would know they need to remember it. Most people do their second backup without even realising it has a password on it.

I think a one sentence explanation when you enter the password the first time would avoid 99% of people's problems.

Thank you! Thank you!  Especially for the reminder to breathe.  Unplug. Plug back in.  Now downloading my apps to my phone.  Thank you!

Did you find that it restored from the encrypted one? Or the last one that was not encrypted?

You just responded to a post made 4 1/2 years ago. If the one who posted it is still around, I'm sure they've solved the problem.