Apple recently released the first iOS 10.2 beta, and in addition to new emoticons, it appears that the company has made some crucial changes that are critical for the security of data included in backups.
According to a new report from iPhone Hacks, the iOS 10.2 beta makes iPhone encrypted backups no less than “1,000 times safer,” as the OS update also increases the required processing power to crack the password, based on findings from Switzerland software developer DigiDNA.
Apple attempted to bolster the security of encrypted backups with iOS 10 in the very first version, but due to a security flaw, it instead did the opposite, making backups actually easier to hack.
Cupertino fixed the problem quite fast, and 10.1 introduced a fix in this regard, blocking brute force attacks and making passwords almost impossible to hack.
With the new beta build, validating a user password is much more demanding in terms of processing power. By adding many more iterations to generate the derived key, Apple has made it so it would take a hypothetical hacker 1,000 years to crack a backup and reveal password on any given iPhone.
The improved security was likely motivated by the spread of easy-to-use third-party brute force tools. Weaker backup passwords can be guessed in just hours with some tools, but it looks like Apple has leaped ahead of would-be attackers (at least for now).