Encrypted Backup Near Disaster

Discussion of non-operating system issues related to iPods, iPhones, and the iPod Touch.
Post Reply
User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3106
Joined: Thu Apr 07, 2011 10:09 am

Encrypted Backup Near Disaster

Post by Stephen Hart » Sat Mar 12, 2016 3:29 pm

When I got my new iPhone 6s last September, I temporarily encrypted the backups for both our iPhones so everything would copy to our new iPhones. (See my original post here: http://www.straitmac.org/phpBB3/viewtop ... 1977#p7366)

I had intended the encryption to be temporary only, but just this month we realized that I'd never switched encryption off. No problem, I thought, I must have written the password in 1Password. I found an entry for iPhone 6 and 6s, but the password listed there didn't work for Karen's iPhone backup. Later, I found that it did work for my iPhone backup.

Here's what I think happened, and it provides an important lesson, I think.

1. create new, random password in 1Password
2. encrypt Karen's backup
3. paste into 1Password. But a copy/paste error pasted a different random password we created on the same day for a web site.
4. encrypt my backup with the second password, copying from 1Password
5. forget that the encryption was supposed to be temporary
6. discover encryption months later

I was able to unencrypt my iPhone’s backup because the second password is the one I used for my iPhone. But it didn’t work for Karen's backup because we’d used the first (now lost) password. Because iTunes didn’t show the password that was pasted, there was no way to notice the error.

I kicked myself for a couple of weeks for not writing everything down. Then I spent a bunch of time hunting through old 1Password backups, all to no avail.

Finally last week it occurred to me to look one more place. Both Karen and I have TextEdit documents (with different names) that we use as scratch pads. So I went to Karen's iMac and to the date in question (late September 2015) in Time Machine, and looked at her scratch pad document. Lo, I found this: "temporary phone backup password (ej7yrxrATdX”

That entry was only in the file on that one day, and fortunately was there long enough for Time Machine to back it up. And fortunately, we have dual big-capacity Time Machine drives so it hadn’t been deleted.

Today, we tried that password with Karen's backup and it worked.

One more thing: the iPhone has to be present for this process because the password is actually stored on the iPhone, not on the Mac. If the iPhone isn't plugged in (or, I assume, available on WiFi), you get a "password incorrect" message. Because it's stored on the iPhone, Apple says it's impossible to decrypt an encrypted backup if the password is lost.


So here's the lesson: Copy and Paste can fail. Sometimes you highlight something but don't actually copy it. Keyboard Maestro, for example, uses the Mac clipboard so it may have replaced the contents of the clipboard. Sometimes I find myself pasting the wrong thing even though I think I'm sure that I copied. Randomly generated passwords are, by design, difficult or impossible to read, so you may not notice a difference. Furthermore, most password dialogs hide the pasted password.
For temporary passwords, I recommend using something easy and obvious and write it down by hand. If you need to copy and paste, you should paste the password in a regular text document for temporary protection. If there's even the slightest doubt in your mind, make a new password and use that.
In general, be very, very careful.

There's one lesson on the other side of the coin. Our Time Machine history, available to anyone with physical access to the iMac and Time Machine drives had the password in plain text.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest