Working with Encrypted Backups

iPhone backups come in two flavors: unencrypted (the default) and encrypted (you've turned on "Encrypt local backup" in Finder). Both contain your message history. Peak handles both.

Which do I have?

Open Peak and look at the backup row in the sidebar. Encrypted backups show a small lock icon next to the device name. You can also check in Finder: with the iPhone selected, see whether "Encrypt local backup" is checked.

If you have an unencrypted backup

Nothing to do. Peak opens it directly. Skip the rest of this page.

If you have an encrypted backup

Peak can still open it. You need the backup password.

The password is set per-Mac, not per-phone

You set it the first time you turned on encrypted backups in Finder. It's saved in your Keychain on the Mac where you turned it on. If you don't remember setting it, the most common possibilities are:

• The Mac login password
• A common password you use elsewhere
• Whatever the phone's owner (kid, partner) configured

If the password is in your Keychain, you can recover it:

1. Open Keychain Access (⌘Space → "Keychain")
2. In the search field, type iPhone backup
3. Look for an entry like "iOS Backup" or "Backup Password"
4. Double-click → check "Show password" → re-enter your Mac login

Entering it in Peak

When you select an encrypted backup, Peak prompts for the password. It's used in-memory only — Peak does not store it.

You can also pass it programmatically:

• In the password sheet, check "Remember this password in my Keychain" and Peak will store it under your login Keychain (encrypted at rest, not sent anywhere).

What if I don't know the password?

You have three options:

1. Reset it from the phone. This requires the phone's passcode. On the iPhone:

- Settings → General → Transfer or Reset iPhone → Reset → Reset All Settings - This resets Apple-managed settings, including the backup encryption password. It does NOT erase content. But it does turn off encrypted backups going forward; you can turn them back on with a new password. - You will lose access to existing encrypted backups, but new backups will be unencrypted (or encrypted with a new password you set).

1. Make a new unencrypted backup. In Finder, uncheck "Encrypt local backup", enter the existing password to confirm, then click Back Up Now. Finder will write a new, unencrypted backup that Peak can open without a password.

1. Skip Peak for now. The phone can stay encrypted-backed-up; you just can't scan its messages via Peak until you have the password.

Important caveats with option 1

Resetting all settings on the phone clears Wi-Fi networks, Apple Pay cards, certain Notification preferences, and Touch/Face ID enrollment. It does NOT erase contacts, photos, messages, app data, or call history. Read the prompt carefully. This is a common, supported Apple operation, but it's worth understanding before doing it.

How does Peak decrypt the backup?

It does it locally, on your Mac, using the Apple-documented backup format:

1. Reads Manifest.plist to confirm the backup is encrypted
2. Reads Manifest.db (which is itself encrypted) using your password
3. Derives the per-file encryption keys from the manifest
4. Decrypts only the files Peak actually needs (sms.db and the attachments referenced by your selected thread)

Nothing about the password or the decrypted content is sent off your Mac.

Will Peak's reports be encrypted?

No — Peak's output PDFs and CSVs are written as ordinary files. If you want them encrypted at rest, save them to an encrypted disk image (Disk Utility → File → New → Disk Image), an encrypted external drive, or your FileVault-protected home folder (which is already encrypted at rest on Apple Silicon Macs).

Next: Reading the Report.