iPhones and iPads enable users to password protect their backups, and when they choose to do this their data is secured in an encrypted backup.
What is an iPhone backup password?
Password Cracking AES-256 DMGs and Epic Self-Pwnage. Fortunately, JtR has something called dmg2john. Dmg2john scrapes the DMG and provides output which can be cracked with JtR by others without putting the data at risk. Unfortunately, when I got there, dmg2john and JtR were broken when it came to DMGs. If the password hint doesn't show up, that will be because it wasn't set to show password hints in the Login Options. Unfortunately, the only way to change this setting is to log into your Mac. Jun 17, 2015 Crack a forgotten password to hack a.dmg file? I password protected a.dmg file ages ago and stupidly forgot the password but I know some of the numbers that could be in the password and I know of some words that could be in the password.
An iPhone or iPad backup password — sometimes called an iTunes backup password — is set when backing up your iOS device in an encrypted format. The password is securely stored on your device, so that whenever it is called upon to produce a backup, it will generate an encrypted one.
When you choose to protect your backup, you'll need to remember your backup password to ever access that backup's contents. This password is set separately from your iPhone's passcode or your Apple ID's password. So whilst you may set the password to anything you like, resetting your Apple ID won't help you recover it.
What is an iPhone backup password needed for?
Your backup password is needed to read or restore from your iPhone backup, or to remove your iPhone's backup password.
It is not needed to create more backups, to access your iCloud or Apple Music data, to add new devices to your account, or to reset your device.
Over the years Apple have used a few different formats for protecting their encrypted backups. The last big change was made as part of the iOS 10.2 release. iPhone Backup Extractor fully supports all versions of encrypted iTunes backups, as well as iOS backups made by any other software.
Should I password protect my backups?
Setting a password on an iPhone or iPad backup is a great idea, as it helps to protect your data. As the backup is more secure, it means the device can safely include more data in the backup, including health data, which would otherwise be left out. That's handy for you if you ever need to restore from the backup.
How to reset your backup password and create a new backup
If you forget your backup password but don't need access to your backup's contents, you can overwrite it with a new backup:
- On your iOS device, go to
Settings→General→Reset. - Tap
Reset All Settingsand enter your iOS passcode. - Follow the steps to reset your settings. This won't affect your user data or passwords, but it will reset settings like display brightness, Home screen layout, and wallpaper. It also removes your encrypted backup password.
- Connect your device to iTunes again and create a new encrypted backup.
Be aware that this will overwrite any pre-existing iPhone backup you might have, and all data included in them.
How to recover a lost iPhone backup password
If you've lost or forgotten your iTunes backup password, there are a few techniques you can use to try to recover it.
1. Try known passwords
First, it's worth trying a bunch of passwords that you might have used. There's no penalty to trying a number of different passwords in iTunes, although each check can take a little while. There's no such thing as a default password for an iOS backup.
Perhaps you used one of the following:
- Your iTunes, Apple ID or iPhone password
- Your email password
- Your computer's login password
- Something simple like
password,1234,letmein,0000, or so on.
Does Apple sometimes automatically choose a backup password?
We often hear from people who have lost their password, claiming their iPhone must have automatically set an unknown password for them. In over ten years — and 1,000+ successful recoveries — we've never once uncovered a password that was truly unknown to the user.
The past is a foreign country. They choose passwords differently there.
Passwords are set on the device, not by your computer. If your device was bought or configured by somebody else, it's possible that you need to ask them for the password.
2. Check the macOS keychain
If you use a Mac and configured the iTunes backup password on that Mac, your computer may have kept a record of the password in its keychain.
You can check this by loading the 'Keychain Access' app that comes with every Mac.
- Launch Keychain Access by opening Spotlight with
⌘ Cmd+ (space), typing 'Keychain Access', and then hitting⏎ Enter. - Click 'Passwords' in the left-hand category sidebar.
- Type 'backup' into the search box in the top-right of the window.
- View the saved password entries by double-clicking on results named
iOS BackuporiPhone Backup. - Check the 'Show password' box and the password will be displayed.
Unfortunately, there's no simple equivalent of doing this for Windows users.
3. Backup to iCloud, erase the device and restore
There's also a nuclear technique for removing an iTunes backup password setting from your device. Enable iCloud backups under settings, back it up, then erase and restore it.
This process is long-winded -- especially for users with a lot of data or a slower connection -- and ideally avoided. You can see our guide to making an iCloud backup to follow this approach.
4. Brute-force the backup password
Apple provide technical details on how encrypted backups work. Simply put, modern iOS backups use AES-256, with 10,000,000 iterations. That makes checking a single password slow enough, even if it's the right password. Trying many different passwords with a tool like hashcat is a very slow process.
Assuming the password had 8 digits, limited to only upper or lower-case English letters or numbers — and no punctuation symbols — there would be 218,340,105,584,896 (628) possible combinations.
Using a $1,300 GeForce 1080 Ti GPU, it would be possible to try around 100 passwords per second, which would mean it would be possible to break that password in around 69,000 years. That's substantially before the heat death of the universe, but it's still a long way away. The process could be sped up with a machine with 4x $5,000 Nvidia K80 GPUs, but even with a 10x improvement it would still take around ten thousand years, and the electricity consumption would be enormous.
Earlier versions of iOS created backups with much weaker encryption, as below:
Thus, from a practical perspective, it can be possible to recover a password if one has a general idea about its form, such that a few hundred or thousand guesses would find it.
How to speed up password recovery with an ASIC or quantum computer
You might ask, what about quantum computers, or dedicated hardware? Let's take a look.
You might be curious about working with a university with access to quantum computing resources. Whilst there are quite a few click-bait articles out there on the amazing powers of the technology, it doesn't make cracking strong encryption much easier.
There are two good resources on this: this sober paper (nicely summarised by The Register: 'Grover's algorithm would need about 1032 years to crack SHA-256'). Then there's this, less sober article, which suggests that even if one were to build a Dyson sphere and capture all of the energy radiated by the sun it might still be hard. 🤷♂️
There's another approach that might be faster than general quantum, and that's using an ASIC. This is essentially a custom piece of hardware that is designed specifically for the encryption algorithm one wants to break. Whilst it sounds like everything either uses SHA-1 or SHA-256, the reality is that the parameters used with the encryption matter, which from a practical perspective means you'd need to get one made for the iPhone backup algorithm, rather than being able to use a generalised device. In this case, an iPhone backup uses 10,000,000 iterations of SHA-256. You could probably get a good ASIC built for under $100k, but how much faster it'd be is hard to say. Even if it were 10,000 times faster (it wouldn't be!) it would still be too slow.
The problem ultimately is that even if recovery is worth $250k, the cost of nailing a decent password is substantially greater. Few people have the appetite for the equivalent of a mortgage on an attempt with at best a fraction of percent chance of success in their lifetime.
Given how brutal the brute force probabilities are, that points to using a structured process to recover or trigger memories of a lost password. If the value of recovery is great enough, we'd recommend a process like this:
Freezing all your data to prevent accidental overwrites, deletions or modifications
- Buy new hard-disks for your computers, then pull out every disk and USB stick out of every device you own (computers, laptops, Time Machine devices) and quarantine them
- Replace your mobile devices with new ones and quarantine your current devices
- Dump and archive every online storage system you use (eg. Google Drive, Dropbox, iCloud Drive)
Triggering memory responses
- Look back at photos from the time, visualising the equipment and environment you had
- Use iPhone Backup Extractor to examine your messages histories from the time to see who you were talking to at the time and what you were was talking about
Intensively search for potential password variants
- Dump all macOS, iOS and Google keychain passwords and feed them into a password list
- Dump all passwords from your password managers and feed them into a password list
- Scan all of the archived disks and USB sticks for any form of file that could have been a password archive or a message, photo or note entry that might be a memory trigger
- Run a painstaking sector-by-sector testdisk scan on your disks and device images for deleted data
5. If in doubt: reach out
Our support team are able to help customers with recovery of lost passwords in some cases. Please do reach out to us using the support details below.
When you encrypt the backup for your iPhone, iPad, or iPod touch
The Encrypt backup feature in Finder or iTunes locks and encodes your information. Encrypted backups can include information that unencrypted backups don't:
Your backup isn't encrypted by default. To encrypt a backup in Finder or iTunes for the first time, turn on the password-protected Encrypt Backup option. Backups for your device will automatically be encrypted from then on.
There is no way to recover your information or turn off Encrypt Backup if you lose or forget the password.
You can also make a backup in iCloud, which automatically encrypts your information every time.
Encrypt your backups
- On a Mac with macOS Catalina 10.15, open Finder. On a Mac with macOS Mojave 10.14 or earlier, or on a PC, open iTunes.
- Connect your device to your computer with the included USB cable. Then locate your device on your computer.
- From the General tab or the Summary tab, select 'Encrypt local backup' under the Backups section.
- When asked, make a password. Create one that you'll remember or write it down and store it safely, because there's no way to use your backup without this password.
Forgot Password To Encrypted Dmg Free
After you confirm your password, your backup will start and immediately overwrite and encrypt your previous backups. When the process completes, make sure that your encrypted backup finished successfully:
- On a Mac with macOS Catalina 10.15, open Finder, click the General tab, then click Manage Backups. You should see a list of your backups. On a Mac with macOS Mojave 10.14 or earlier, or on a PC with iTunes, from the the menu bar at the top of the iTunes window, choose iTunes > Preferences, then click the Devices tab.
- You should see a lock next to your device's name, and the date and time that the backup was created.
- Click OK to close the backup window.
Check to see if your backups are already encrypted
If Finder or iTunes is set up to encrypt your backups, the Encrypt backup option has a check mark under the General tab or the Summary tab when you connect your device to Finder or iTunes.
You can also see whether a specific backup is encrypted:
- On a Mac with macOS Catalina 10.15, open Finder, click the General tab, then click Manage Backups. You should see a list of your backups. On a Mac with macOS Mojave 10.14 or earlier, or on a PC with iTunes, from the the menu bar at the top of the iTunes window, choose iTunes > Preferences, then click the Devices tab.
- Look for a lock next to the backup. If you see a lock , the backup is encrypted.
- Click OK to close the backup window.
If you can’t remember the password for your encrypted backup
You can’t restore an encrypted backup without its password. With iOS 11 or later or iPadOS, you can make a new encrypted backup of your device by resetting the password. Here’s what to do:
- On your device, go to Settings > General > Reset.
- Tap Reset All Settings and enter your device passcode.
- Follow the steps to reset your settings. This won't affect your user data or passwords, but it will reset settings like display brightness, Home screen layout, and wallpaper. It also removes your encrypted backup password.
- Connect your device to Finder or iTunes again and create a new encrypted backup using the steps above.
You won't be able to use previous encrypted backups, but you can use Finder or iTunes to back up your current data and set a new backup password.
If you have a device with iOS 10 or earlier, you can't reset the password. In this case, try the following:
- If someone else set up your device, ask them for the password.
- Use an iCloud backup instead. If you don't have an iCloud backup, you can make one.
- Try using an older iTunes backup.
Turn off backup encryption
To turn off backup encryption, uncheck the Encrypted backup box in Finder or iTunes and enter the password. If you can't remember your password, you have two options:
- If you have an iCloud account, you can use iCloud to back up and restore.
- Use the steps above to reset your backup password.
Learn more
Forgot Password To Encrypted Dmg Mac
Learn the difference between iCloud and iTunes backups.