Curious. I updated my iPhone (first 2nd gen SE) and iPad (6th gen) to 15.7.1 a couple of days ago and haven’t been asked to authenticate, even though they’re frequently plugged into my iMac, where I can see them in iTunes (my iMac is still running Mojave), and they backup to iCloud, which they’ve each done at least once. So it’s not universal, but I agree, it would be extremely annoying. I’m glad whatever the bug is skipped me…
This issue pertains to backing up to a Mac, not iCloud. But it’s an iOS issue, not iTunes (interference with iMazing has already been reported)
1 Like
I can understand being uncomfortable with having your data backed up to the cloud rather than your own device. I agree that Apple should have a larger free iCloud storage tier. However, the cost for 50GB is only $1 per month ($12/year). If you are not using your iCloud storage for other large data sets, your backups should comfortably fit in 50GB. The backup does not include the full contents of your iPhone, but only content that can’t be loaded from other sources. For example, my iPhone claims that it uses about 95GB of internal storage, but the iCloud backup is about 4GB. My iPad using 111GB internally backs up to 14GB.
I use Apple Photo Sharing and Apple Music, so that no photos stored on the device and very little music are directly backed up. If you have a lot of photos or media on your phone that are not otherwide available via Apple Music (not counted as iCloud storage) or Apple iCloud photos (included in your iCloud storage), then your backups will need to include them.
3 Likes
I can see this as a security feature. Malicious USB connections are known to exist - you plug your USB cable into a “charge port” at a public location, and without your being aware, some server at the other end of that port is downloading your phone.
Preventing USB access after the phone has been locked for a few minutes (added many iOS releases ago) was one fix for this. I think blocking backups without authentication is another important step to protect against this, because people often plug into chargers while they are using the phone (in other words, when it is unlocked). So this will mean that something trying to download the phone’s content will cause that popup to appear and (hopefully) you will realize that something strange is going on, allowing you to disconnect before any data has been compromised.
Of course, the real “fix” here is to not plug into a USB port that isn’t connected to a device you control. When on the go, carry a small charger brick and plug into a power outlet instead of into a USB port.
1 Like
The problem is that this should not pertain to pre-authorized automated backups over WiFi, which is what the reports seem to be indicating is affected.
That is, I have already authorized my iPhone to periodically backup wirelessly to my Mac when they are on the same local WiFi network. The trigger for this backup may be plugging the device in, but the backup doesn’t actually take place over that cable, because the cable isn’t necessarily connected to the Mac that’s authorized.
If I understand the reports correctly, that’s what’s frustrating people here—you shouldn’t have to repeatedly authorize backing up to a known device over a known WiFi network. If the authorization protocol is sufficiently secure, authorizing my iPhone to automatically back up wirelessly to my Mac should be a one-time thing (maybe needing refreshing periodically or if a certain amount of time has passed since the devices last connected), not an every-time necessity.
I can absolutely see requiring authorization for backups over a cable to a not-yet-authorized device—which the existing setup already took care of. This new behavior doesn’t seem to serve any useful purpose, which means it’s most likely a bug, not a feature.
Since my devices back up automatically over WiFi to iMazing daily, whether plugged in or not, I’m not going to move up to 15.7.1. I don’t need that headache. (Both my iPhone and iPad are too old for iOS/iPadOS 16, and I simply can’t afford to replace them right now.)
1 Like
That’s exactly right.
This has nothing to do with plugging in to some random USB port.
We’re talking about initiating a backup & sync between an already authenticated iPhone and a previously authenticated Mac. And it’s not just affecting USB, it’s wifi too which makes it even more non-sensical.
iMazing posted about the backup passcode prompt issue introduced in iOS/iPadOS 16.1.x and 15.7.1.
Some of their key points:
iOS/iPadOS 16.1.x and 15.7.1 make automatic local backups awkward
…
While the new security measure Apple introduced is intended to protect user data, it also makes automatic backups less seamless and more disruptive. These obstacles could lead to a reduction in backup frequency, which would actually put user data at risk.
…a better approach to this issue would be to prompt the user for a device passcode before every backup only if backup encryption is disabled…
It is our hope that Apple will be listening to the user community on this subject, as backing up iOS and iPadOS devices locally has become more difficult than it should be.
I find iMazing unusable now because I have to authenticate repeatedly for each backup, presumably because the WiFi connection breaks and has to be re-established
UPDATE December 2, 2022
I unpaired/re-paired my iPhone and the multiple-authentications-per-backup have gone away. No one else in my family was having this problem. So, apparently it was due to pairing corruption of some sort.
Imazing published a detailed explanation about iOS change that now requires authentication for each and every backup (other than those going to iCloud).
1 Like
I am very surprised that this issue hasn’t got more widespread, general attention, especially as it also affects the latest current iOS 16.1.1. Is it, what, everyone has switched to iCloud for backups? (I note that you can still use iCloud for backup even when syncing media—you don’t have to use both simultaneously.)
It’s already had a long discussion here. Suddenly having to enter passcode when backing up an unlocked iPhone?
1 Like
Thanks. Yes, I recall seeing that thread when I was looking for discussion about it at the time, but it was already closed (understandably, IMO, since it went a bit off the rails). But I meant in general, i.e. not in the usual Mac circles.
As I think I said in that thread, I saw a few complaints on Reddit. Not many, and not many lately. I really think that almost everyone backs up to iCloud (or, tragically sometimes, doesn’t back up at all, because they don’t want to pay for iCloud storage.) I haven’t backed up to a computer for a few years now.
1 Like
This board is full of iMazing users. Plus several people who refuse to backup to iCloud as long as they can maintain local control of their iOS backups. If Apple thinks we’re nobody, oh well.
1 Like
There are dozens of you. Dozens.
Still not seeing it complained about much on other forums/boards/etc. I saw one on reddit yesterday.
Rest assured, I did that weeks ago. 
1 Like
At least 118 of us, in fact. I started this thread on “Communities” some time back, and the thumbs just keep ticking up …
https://discussions.apple.com/thread/254335452
Fun fact: Apple disappeared censored a post I made on that thread that linked to the original Tidbits thread. Or maybe it’s the sneering way that I used the word “apologia” to describe other comments made on Apple’s “Communities” when describing other supposedly inevitable changes Apple made, like the move from Contacts/Calendars sync from iTunes to iCloud, which you may recall Apple forced everybody into when they initially released 10.9 Mavericks, only to roll it back, when contrasting them to other posts on this issue. Just as then, some of the comments on this question make me a little bit worried for the future of our species. Sigh. One does not wish to be divisive, but one cannot help feeling that some of Apple’s customers are going to defend the indefensible, no matter what, and make it harder for everybody else. iCloud backups are clearly problematic for some people, for a number of reasons, and local backups were a great way for those people, with only a little bit extra inconvenience, to still have backups while keeping them local, with the added benefit that they were very secure and also complete. Now they’re unusable. If there is a reason why they aren’t working now, I hope it’s a very good one, and that Apple intends to bring out a solution that resumes or improves on what we had.
And yes, I sent feedback to Apple, and I hope everyone else affected does too. I’m still astonished that there really isn’t much of a stir coming from elsewhere, but if we can get Apple to see sense on this, I think we should.
1 Like
So, one thing that I thought about is whether this is literally the only way that Apple can stop some sort of attack (by a company like the NSO Group, for example) that somehow allows one of their devices to access a phone that hasn’t yet trusted the device, and forcing a passphrase from the phone prevents this from continuing. I could see Apple not wanting to admit that this is the reason, though I don’t know why they wouldn’t - why they wouldn’t want to warn users on older versions to upgrade. (In other words, NSO Group, or some other company, had some sort of attack against the iPhone that allows their connected device to force a backup without intervention from the device itself, including an initial trust relationship.)
The fact that this was delivered with updates to both iOS 16 and iOS 15 suggests to me that the was intentional and not just an accidental change to something in iOS.
1 Like
I agree that this seems like something Apple would do. Obviously, the full story is only known to Apple, of course, which makes this all very difficult to talk about, but we know a couple of indisputable things. As iMazing explains, the backup encryption is very strong (AES 256 with PBKDF2) rendering it practically secure for all purposes, and Apple added this “fix” after a security researcher reported a vulnerability concerning the way backups were stored on Macs, once they had been streamed from iOS (which is ultimately in control of backup encryption). The discussion thread goes over this in a bit more detail, but I find it … difficult … to credit Apple with adding such a draconian change to iOS, rather than fixing macOS, unless they felt a sudden and irrational sense of duty to its Windows users, and/or it saw a revenue opportunity from iCloud backups being de-facto required (my favourite), or they thought the benefit of local automated backup was outweighed by the possibility of malware backing up phones (possibly unencrypted, possibly encrypted with weak passwords) to locations where attackers could get at them (the reason I think they actually did this). Let’s hope that Apple invents new UI to explicitly allow the user to trigger a backup on demand, preferably without relying on a computer, but in any case giving the user choice to permit automatic backups when they are encrypted, and manual backups with FaceID/TouchID. Otherwise there is realistically no choice for those of us who sync, but to use iCloud.