Apple has seriously stepped up its security game with iOS 10.2, according to a new report that found encrypted iTunes backups are now much more difficult to hack.
It takes roughly 1,000 times more processing power to hack the password of an iOS 10.2 backup than an iOS 10.1 backup, report the security experts at iMazing.
Apple’s backup encryption tools have remained roughly the same since iOS 4. With the release of iOS 10, Apple made a crucial flaw in how it validates passwords that theoretically could have let hackers unlock backups in just three hours with a brute force attack.
The company quickly fixed the issue with iOS 10.1 so that brute force attacks aren’t as easy. Now, in the first iOS 10.2 beta, protections have revved up to make passwords even harder to hack.
iOS 10.2 is still in beta testing with developers. The second build was released today withApple’s new TV app and SOS feature. It should be available to the public by the end of 2016.
With the new beta build, validating a user password is much more demanding in terms of processing power. By adding many more iterations to generate the derived key, Apple has made it so it would take a hypothetical hacker 1,000 years to crack a password.
The improved security was likely motivated by the spread of easy-to-use third-party brute force tools. Weaker backup passwords can be guessed in just hours with some tools, but it looks like Apple has leaped ahead of would-be attackers (at least for now).