large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Security firm says Apple’s made iOS 10 easier to crack

A forensic security firm has said that Apple’s inadvertantly made iOS 10 easier to crack by allowing an alternative password verification method.

The Russian company explained in a blog post that the issue stems from the way in which an attacker could ultimately bypass security checks for backed-up iOS 10 passwords. Because Apple uses a new security mechanism, Elcomsoft said it could try passwords 2,500 times faster than if trying to crack an iOS 9 device and was currently clocking around 6 million per second.

In order for this to be a security risk, the attacker would need to have access to your computer with an offline backup of your iOS 10 device. With that limitation stated, it’s pretty worrying that the potential is even there. Apple told Forbes that iCloud backups are unaffected and entirely safe.

It also confirmed that it’s going to be rolling out a fix for the vulnerabilty with an upcoming security update, though didn’t say exactly when.

“We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption,” a spokesperson said.

The rollout of iOS 10 hasn’t been entirely smooth, so news of a new security vulnerability won’t be met kindly by some users, but console yourself with the fact that it’s really quite unlikely to affect you before the problem has been fixed, so don’t let that be the reason you don’t update.

Related: iOS 10 review

Watch: iOS 10 Hands On

Do you worry about security issues like this, or is it all too theoretical to really be a concern? Let us know below!

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.