• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Current price of oil as of July 1, 2026

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Current price of oil as of July 1, 2026
TechFortune 500

Hackers Can More Easily Steal Your Passwords With Apple’s iOS 10

By
Don Reisinger
Don Reisinger
Down Arrow Button Icon
By
Don Reisinger
Don Reisinger
Down Arrow Button Icon
September 26, 2016, 3:12 PM ET
Add Fortune on Google for similar content.

Apple’s new iOS 10 operating system comes with a potential security hole that could help hackers get access to passwords and other sensitive information, a security company said on Friday.

The software includes a new way to encrypt iPhone backups created through iTunes that gives hackers a far greater chance of obtaining a target’s passwords than the previous version of iOS, Russian password-retrieval company Elcomsoft said on Friday. Hackers could use a brute force attack—a technique that involves automatically trying different password combinations—to crack the passwords users choose for their iOS 10 backups, steal credit card data, and infiltrate Apple’s Keychain password manager, a digital vault where user store passwords and other authentication data.

According to Elcomsoft, hackers who use its password-cracking software, Phone Breaker, can send six million passwords per second at the iOS 10 backup to try to unlock the data. In Apple’s iOS 9, which launched last year, encryption capped those attempts at 150,000 passwords a second.

The difference makes it 2,500 times easier for hackers to obtain a password with iOS 10, according to Elcomsoft.

The flaw relates only to manual iPhone and iPad backups that users start via iTunes and not through Apple’s cloud-based repository iCloud.

Finding ways to access an iPhone and steal user data can be nearly impossible without knowing a user’s password, as shown by the FBI effort to enlist Apple’s help in opening San Bernardino shooter Syed Farook’s iPhone earlier this year. Until iOS 10, Apple had made iOS tougher for hackers to break into devices in each successive version.

Get Data Sheet, Fortune’s technology newsletter

In its statement about the security flaw, Elcomsoft said that the best way for hackers to get into an iOS device is by accessing the computer on which the iPhone or iPad backup is stored, a method it calls “logical acquisition.” Then, users can employ brute-force attack software that tries millions of password combinations each second.

“If you are able to break the password, you’ll be able to decrypt the entire content[s] of the backup including the keychain,” Elcomsoft said of the hack

At the root of the problem—and arguably the biggest question mark in this scenario—is Apple’s decision to change how it encrypts backups made through iTunes. Apple used a password-protection algorithm in iOS 10 known as PBKDF2 instead of the alternative known as SHA256 that it employed in iOS 9. According to Per Thorsheim, a security adviser at security firm God Praksis, PBKDF2 is older and allows for password-cracking software to attack it more rapidly. And since the same 10,000 passwords are used for about 30% of accounts, brute-force password-crackers like Elcomsoft Phone Breaker can obtain a user’s backup password and get access to data in 80% to 90% of cases if the software runs for just two days and is up against the PBKDF2 encryption algorithm.

Now, security experts and those worried about privacy are wondering why Apple made the change. Thorsheim, for instance, wondered whether “this massive weakening of your security and privacy is intentional, if it is a stupid glitch,” or if Apple’s developers made a mistake.

For its part, Apple told Fortune in a statement that it planned to fix the problem. The company added that Mac users who have iTunes backups stored on their devices can use Apple’s FileVault disk-encryption software to add another layer of protection to their iPhone and iPad backups.

“We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC,” the spokesman said. “We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.”

About the Author
By Don Reisinger
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Jason Lemkin
Successwork-life balance
This investor won’t back startups unless staff are in the office 6 days a week: ‘Not because I don’t have empathy, because they’re going to fail’
By Preston ForeJuly 2, 2026
2 hours ago
Trump stopped talking about these media stocks, but his portfolio didn’t stop trading them
InvestingDonald Trump
Trump stopped talking about these media stocks, but his portfolio didn’t stop trading them
By Mia OsmonbekovJuly 2, 2026
2 hours ago
m
CommentaryManufacturing
McKinsey chairs: Building a more resilient industrial base may require $2 trillion in investment
By Eric Kutcher and Shubham SinghalJuly 2, 2026
2 hours ago
Meta’s cloud compute reports: Why build AI data centers in a cornfield when Saudi Arabia has cheap oil and cheaper power?
Big TechMeta
Meta’s cloud compute reports: Why build AI data centers in a cornfield when Saudi Arabia has cheap oil and cheaper power?
By Catherina GioinoJuly 2, 2026
4 hours ago
Scott Bessent, US treasury secretary, during an Economic Club of New York (ECNY) event in New York, US, on Tuesday, June 23, 2026.
Economynational debt
Elon Musk says AI is the only way to fix the $40 trillion U.S. debt crisis—but a new study says even the most optimistic scenario won’t fill the hole
By Eleanor PringleJuly 2, 2026
6 hours ago
A test of Anduril's Altius drone.
NewslettersTerm Sheet
Defense tech could be entering its awkward teenage years. Is the boom a bubble?
By Allie GarfinkleJuly 2, 2026
6 hours ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
1 day ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
7 days ago
Current price of oil as of July 1, 2026
Personal Finance
Current price of oil as of July 1, 2026
By Joseph HostetlerJuly 1, 2026
1 day ago
Trump got a $78K pension from the Screen Actors Guild in 2025 because he appeared in Home Alone 2 in 1992
Politics
Trump got a $78K pension from the Screen Actors Guild in 2025 because he appeared in Home Alone 2 in 1992
By Sasha RogelbergJuly 1, 2026
1 day ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
5 days ago
CEO of $248 billion cybersecurity company says workers are about to face a ‘Darwinian moment’ thanks to AI: Evolve or get cut
Success
CEO of $248 billion cybersecurity company says workers are about to face a ‘Darwinian moment’ thanks to AI: Evolve or get cut
By Emma BurleighJuly 1, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.