In Apple ecosystem, logical acquisition is the most convenient and the most compatible extraction method, with local backups being a major contributor. Password-protected backups contain significantly more information than unencrypted backups, which is why many forensic tools including iOS Forensic Toolkit automatically apply a temporary backup password before creating a backup. If a temporary password is not removed after the extraction, subsequent extraction attempts, especially made with a different tool, will produce encrypted backups protected with an effectively unknown password. In this article we’ll talk about why this happens and how to deal with it.

In just a few weeks, the new iPhone range will be released. Millions of users all over the world will upgrade, migrating their data from old devices. While Apple has an ingenious backup system in place, it has quite a few things behind the scenes that can make the migration not go as smooth as planned. How do you do the migration properly not to lose anything?

Have an iPhone backup but cannot get around the password protection? I have a story to share. I was recently contacted by an old partner from the other side of the world who asked for assistance in an urgent case. He had an iTunes-style backup of a device full of critical evidence, but the password locked him out of the data.

The iPhone backup is one of the hottest topics in iOS forensics. iTunes-style backups are the core of logical acquisition used by forensic specialists, containing overwhelming amounts of evidence that is is unrivaled on other platforms. The backups, as simple as they seem, have many “ifs” and “buts”, especially when it comes to password protection. We wrote a thousand and one articles about iOS backup passwords, but there is always something fresh that comes out. Today we have some new tips for you.

How secure are your chats in your favorite instant messenger? Can someone intercept and read your secret conversations, and can you do something about it? Apple users have access to the highly popular instant messaging system, the iMessage. But how secure it really is? Let’s find out.

Everyone’s iPhones contain overwhelming amounts of highly sensitive personal information. Even if some of that data is not stored on the device, the iPhone itself or the data inside can work as a key to other many things from bank accounts to private family life. While there are many possible vectors of attack, the attacker will always try exploiting the weakest link. Learn to think like one, find the weakest link and eliminate the potential vulnerabilities before they are exploited. This guide comes from the forensic guys making tools for the law enforcement, helping the good guys break into the bad guys’ iPhones.

We have published multiple articles on iPhone backup passwords already, covering the different aspects of the backup protection. In this publication, we have collected the most important information about the things you can do under different circumstances, some software recommendations, and some other practical tips and tricks, in a brief and simple form.

How can you obtain the highest amount of data from an iPhone, iPad, Apple TV or Apple Watch? This is not as simple as it may seem. Multiple overlapping extraction methods exist, and some of them are limited to specific versions of the OS. Let’s go through them and summarize their availability and benefits.

Passwords are probably the oldest authentication method. Despite their age, passwords remain the most popular authentication method in today’s digital age. Compared to other authentication mechanisms, they have many tangible benefits. They can be as complex or as easy to remember as needed; they can be easy to use and secure at the same time (if used properly).

The Screen Time passcode (known as the Restrictions passcode in previous versions of iOS) is a separate 4-digit passcode designed to secure changes to the device settings and the user’s Apple ID account and to enforce the Content & Privacy Restrictions. You can add the Screen Time passcode when activating Screen Time on a child’s device or if you want to add an extra layer of security to your own device.