Elcomsoft releases iPhone 4 password cracker

Apple changed the iPhone 4 software in a way that makes it easier to recover the plain-text password used to encrypt data

Russian password-cracking company Elcomsoft has released new software that can in some instances figure out the password used to encrypt backed-up iPhone data.

Elcomsoft said Apple somewhat changed the way their encryption system works for its latest iPhone 4 software. When an iPhone is plugged into its home computer, its data -- such as e-mail passwords, calendar events, text messages -- are automatically backed up in a so-called "keychain."

That information was previously encrypted using a device-specific encryption key, but with "iOS 4 this is not necessarily the case" if someone choose a master password to access the data, according to Elcomsoft.

If a person chooses to encrypt the data, the backup is encrypted with a master password selected by a user. But if the person can't remember their password, the data can't be restored to an iPhone. A user would have to do a full software restore and set up a new backup, with all of the other data lost.

But Elcomsoft says it can figure a password out with its latest iPhone Password Breaker application. The company says that Apple's encryption of the backup is excellent, as the passwords can only be figured out using brute-force attacks, where a computer tries millions upon millions of possible combinations, or dictionary attacks, which use lists of commonly used words.

Elcomsoft said its software doesn't have a 100 percent success rate, but if a person selects a short and simple password, it could be recovered in seconds. Other factors in how long its software takes to recover a password depends on a person's computer and the power of its CPU and graphics card.

Once the password is recovered, Elcomsoft said its software allows a person to examine their keychain and export that data into XML (Extensible Markup Language) or plain text document.

The iPhone Password Breaker is legal for people to use on their own backups or if they have the permission from someone to examine their iPhone. The software costs £79 (US$126) for the home edition and £199 for the professional edition.

Send news tips and comments to jeremy_kirk@idg.com

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags mobileApplesoftwaretelecommunicationpasswordsiOS 4Mobile operating systemsAccess control and authenticationElcomsoft

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?