How to securely back up your iPhone or iPad with encryption via iTunes

Posted:
in iPhone edited March 2016
In light of Apple's encryption fight, it's been noted the company can decrypt some data from an iCloud backup. Knowing this, security-conscious users may opt instead for locally-stored encrypted backups of their iPhone and iPad -- a simple process through iTunes on both Mac and PC.

how to back up iphone to mac using encryption


There are two ways to back up your iPhone and iPad: through iCloud, and locally through iTunes. Backing up your device using iCloud is automatic and convenient, but while the backups are always encrypted, Apple has admitted it can decrypt iPhone and iPad backups stored on its servers.

This is an important distinction, because Apple cannot decrypt a passcode-protected iPhone 5s or newer, thanks to its hardware-based Secure Enclave. The only way Apple, or authorities, could potentially access a user's data is if they opt to remotely backup their device to iCloud.

For this reason, users or businesses focused on having the utmost security for their devices should opt for local backups through iTunes, using Apple's encrypted backup option. It's an easy process:

    1. Connect your iOS device to your Mac or PC and open iTunes. 2. Click on the device icon at the top of the screen to bring up the Summary menu. 3. Under Backups, check the "Encrypt iPhone backup" box and specify a password. Please note, there's no way to recover iTunes backups without a correct password, so be sure not to lose it.


Image courtesy of Apple
Device Summary screenshot in iTunes. Image courtesy of Apple.


    4. Once the data has been backed up, go to Preferences > Devices in iTunes and look for a lock icon next to the name of the device to ensure it was encrypted.


Device Preferences screenshot in iTunes. Image courtesy of Apple.
Device Preferences screenshot in iTunes. Image courtesy of Apple.


In addition to added security, encrypted backups in iTunes also save data that traditional backups do not. That includes saved passwords, Wi-Fi settings, website history, and Health data.

The main problem with iTunes backups is, of course, convenience -- while iCloud backups can be automated nightly when charging, encrypted local backups require an iPhone or iPad to be physically connected to a Mac or PC. But for some, those extra steps may be worth the peace of mind.

Comments

  • Reply 1 of 15
    nicnacnicnac Posts: 59member
    Yah, only do this if you are absolutely sure of your password. I've had many clients over the years who have forgotten AppleID passwords AND security questions and their two options are: call Apple and prove who you are to get a password reset email sent. Or, restore from an iCloud backup. Never had one yet who encrypted that backup which would leave them, then, with one choice.
  • Reply 2 of 15
    davemcm76davemcm76 Posts: 265member
    It is worth noting that if you have wifi syncing enabled in iTunes then the iPhone / iPad doesn't need to be physically connected if it is on the same wifi network but the backup does still need to manually initiated from within iTunes on the Mac / PC. Obviously backing up over Wifi vs cable can have a significant impact on the time taken but wifi backups are possible.
    damonfai46
  • Reply 3 of 15
    mfrydmfryd Posts: 113member
    Local iTunes backups do not require the iPhone/iPad to be physically connected to the computer. You can backup over Wi-Fi. You should be able to set the iPhone to backup automatically when it is being charged, as long as iTunes is running, and the iPhone and iTunes are on the same Wi-Fi network. Automatic local backups are suppressed when iCloud backup is enabled.
  • Reply 4 of 15
    rob53rob53 Posts: 2,032member
    nicnac said:
    Yah, only do this if you are absolutely sure of your password. I've had many clients over the years who have forgotten AppleID passwords AND security questions and their two options are: call Apple and prove who you are to get a password reset email sent. Or, restore from an iCloud backup. Never had one yet who encrypted that backup which would leave them, then, with one choice.
    The problem with your scenario is the data isn't always encrypted so there will always be personal data someone can get to. I'm sorry if your clients can't remember things but without encrypting everything, they run the risk of losing everything. Find a trusted friend, an attorney, or someone your other friends won't know and put your encryption password(s) into a sealed envelope and have that friend store it. Putting it into a safe either at a bank or in your house only protects your password from honest people, not from thieves or the government. The issue I've seen is that people always find an excuse to not use passwords but always complain later when they either forgot theirs or someone hacks into their system because they have their computer auto logon. People need to take responsibility for their actions as well as their data. Apple makes it real easy to secure a Mac and all its backups as well as iOS mobile devices. Local backups are the easiest to secure (not described in this article), just right- or control-click on your external device and run the Encrypt process. You can use the same password as on your Mac or pick a different one. It's a good idea NOT to save that password in your keychain. You'll need to enter that password when mounting that disk but so what, it's just a few keystrokes. 

    Most of us are mad at our government's desire to invade whatever privacy we still have left but until we actively secure our private data, the government will continue to demand access to it. We are protected from self-incrimination so you can always tell a police officer, a judge, and the FBI you're not going to give them your password or unlock you system. You have that right.
    williamlondon
  • Reply 5 of 15
    davemcm76davemcm76 Posts: 265member
    mfryd said:
    You should be able to set the iPhone to backup automatically when it is being charged, as long as iTunes is running, and the iPhone and iTunes are on the same Wi-Fi network. Automatic local backups are suppressed when iCloud backup is enabled.
    I'd completely forgotten about this automatic iTunes backup feature as I've been using iCloud backups for so long. Might have to have a play with it tonight...
    edited March 2016
  • Reply 6 of 15
    rob53rob53 Posts: 2,032member
    This is nice, but it does not consider advanced mobile forensic tools like Elcomsoft Phone Breaker
    https://www.elcomsoft.com/eppb.html


    "Please note that Elcomsoft Phone Password Breaker is NOT able to remove the iOS activation lock or iPhone passcode lock, unlock iPhone from the carrier, jailbreak the iPhone or remove SIM card PIN code. It is intended for recovery of backup passwords only. For more information, read the EPPB manual and Phone Password Breaker FAQ."
    aaronjai46
  • Reply 7 of 15
    dtidmoredtidmore Posts: 138member
    WIFi backups can be automated!  I have two iPhones and an iPad that backup, encrypted, via WiFi with no action on my part other than plugging in the devices to charge and of course them being on the same local network as the machine running iTunes.  You have to check the "Automatically sync when this iPhone/iPad is connected".  Then as long as your leave iTunes running, automatic backups will occur.  

    I have found that when you initially are setting up the WiFi backup, it is best to do one via USB cable.  Then once complete, with the proper options checked in iTunes, you should be able to unplug the USB connection to the device and it REMAIN showing in iTunes.  If it disappears, repeat.  This is not something new as I have been using this feature for many releases of both OS-X and iOS.
    damonf
  • Reply 8 of 15
    ksecksec Posts: 1,561member
    No one wants to touch iTunes for Christ sake.

    I really wish Appe could give me a Time Capsule that support iOS devices.
  • Reply 9 of 15
    ksec said:
    No one wants to touch iTunes for Christ sake.

    I really wish Appe could give me a Time Capsule that support iOS devices.
    IIRC My Mac has a backup of my iPhone, and my Time Capsule has a backup of my Mac.
    mike1jfc1138aaronjrob53pscooter63ai46
  • Reply 10 of 15
    isidoreisidore Posts: 49member
    ksec said:
    No one wants to touch iTunes for Christ sake.

    I really wish Appe could give me a Time Capsule that support iOS devices.
    IIRC My Mac has a backup of my iPhone, and my Time Capsule has a backup of my Mac.
    That is exactly right, been doing the same for years
    rob53
  • Reply 11 of 15
    jfc1138jfc1138 Posts: 3,090member
    " encrypted backups in iTunes also save data that traditional backups do not. That includes saved passwords, Wi-Fi settings, website history, and Health data."

    I long ago went to encrypted local backups for just that reason: makes transitioning from one iPhone to the next new one that much easier.
    propod
  • Reply 12 of 15
    aaronjaaronj Posts: 1,595member
    ksec said:
    No one wants to touch iTunes for Christ sake.

    I really wish Appe could give me a Time Capsule that support iOS devices.
    IIRC My Mac has a backup of my iPhone, and my Time Capsule has a backup of my Mac.
    I laughed out loud at this. :)
    ai46
  • Reply 13 of 15
    maestro64maestro64 Posts: 4,570member

    I have always and only back up to my computer and encrypt it as well as all my data on my computer is encrypted.

    I personally never understood why people would put any of their personal data on a drive not control by your person. Someone breaking into your house to steal your stuff is not on right side of the bell curve so you do not have to worry about them hacking your stuff. But hacker on the internet which Apple has recently came out and said you always have to be worried about since they will be able to hack your stuff.

  • Reply 14 of 15
    nicnacnicnac Posts: 59member
    rob53 said:
    nicnac said:
    Yah, only do this if you are absolutely sure of your password. I've had many clients over the years who have forgotten AppleID passwords AND security questions and their two options are: call Apple and prove who you are to get a password reset email sent. Or, restore from an iCloud backup. Never had one yet who encrypted that backup which would leave them, then, with one choice.
    The problem with your scenario is the data isn't always encrypted so there will always be personal data someone can get to. I'm sorry if your clients can't remember things but without encrypting everything, they run the risk of losing everything. Find a trusted friend, an attorney, or someone your other friends won't know and put your encryption password(s) into a sealed envelope and have that friend store it. Putting it into a safe either at a bank or in your house only protects your password from honest people, not from thieves or the government. The issue I've seen is that people always find an excuse to not use passwords but always complain later when they either forgot theirs or someone hacks into their system because they have their computer auto logon. People need to take responsibility for their actions as well as their data. Apple makes it real easy to secure a Mac and all its backups as well as iOS mobile devices. Local backups are the easiest to secure (not described in this article), just right- or control-click on your external device and run the Encrypt process. You can use the same password as on your Mac or pick a different one. It's a good idea NOT to save that password in your keychain. You'll need to enter that password when mounting that disk but so what, it's just a few keystrokes. 

    Most of us are mad at our government's desire to invade whatever privacy we still have left but until we actively secure our private data, the government will continue to demand access to it. We are protected from self-incrimination so you can always tell a police officer, a judge, and the FBI you're not going to give them your password or unlock you system. You have that right.
    Obviously you or I are able to manage passwords or have an app to manage them. However, I'm talking about the people who, when they buy a new iPhone, get to the screen that asks them to log into their iCloud account and choose instead to create a new Apple ID. Then come to us with 2 or 3 iCloud accounts each with content that they need to merge. AND they don't know the passwords or security questions for any account. These types of people should NOT encrypt their iOS device backups.
  • Reply 15 of 15
    ksecksec Posts: 1,561member
    ksec said:
    No one wants to touch iTunes for Christ sake.

    I really wish Appe could give me a Time Capsule that support iOS devices.
    IIRC My Mac has a backup of my iPhone, and my Time Capsule has a backup of my Mac.
    So what do Windows users do? Backup to iTunes then? Remember majority of iPhone users dont own a Mac, and there are a few who dont touch their PC anymore. The ecosystem should converge around the Phone, not the Mac.
Sign In or Register to comment.