How to check my iOS-backup password

When backing up iOS devices to the mac, encrypted backups are possible. Is there a way to test my password, which I think is correct, without trying to restore some iPad from this backup?

I want to make sure that I not only have my iPad backed-up, but also make sure that I remember the password correctly.

I would prefer not to “pretend” I want to change my password, just to check if my password works.

Any Ideas?

I am on macos Catalina and iPadOS 14.3.

Migration assistant won’t let me use an umlaut in the password for the encrypted time machine backup

I’m trying to restore a mac from a time machine backup. The time machine backup is found but requires a password and it happens to include one of those funny letters with an accent. The usual way to type those letters would be with option + u and the character you want the dots above, e.g. a. But when I click the option + u key I hear an error sound and no new character is added to the password field. Even ignoring that the password won’t work as it likely doesn’t write it out properly. I can’t copy past things, there is no accessibility keyboard… it seems I am unable to write my password…

Any way I can solve this at all?

I tried typing the password into the username field in an earlier screen and copy it but the clipboard is empty or pasting is disabled in the password field here.

I also don’t think you can remove/change passwords from encrypted backups even if you have the password?

enter image description here

cryptography – Why is a password encrypted with AES and then sent back to the server together with the key with RSA (Instagram)?

I am trying to understand an encryption process on a website (Instagram). As far as I know, a public key is sent from the server to the client. Then the password is encrypted with AES_GCM_256 and packed together with the AES key in an array and then in a sealed box with the public key from the Server.

Is a sealed box the same as simply encrypting the array with RSA?

Why do you do that?

I mean, if you find out the RSA private key and then decrypt the data encrypted with RSA, wouldn’t you also have the AES key to decrypt the password?

And the public key is very short:


Only 64 characters so 512 bits.

Is that even safe enough for RSA?
Or is the key Curve25519?

As far as I know, should an RSA key be at least 2048 bit large?

I would appreciate a link or the answer to a few questions 🙂

Best regards

Is disk encryption (e. g. LUKS) reversed when having an encrypted disk image inside an encrypted partition with the same encryption password?

Let’s assume one has created an encrypted partition, e. g. with the LUKS standard. Then one creates a (virtual) disk image, e. g. for use by a virtual machine, containing an encrypted partition created by the same method and using the same encryption password. The disk image is stored inside the outer encrypted partition. I assume that a symmetric encryption is used.

Is it possible that the parts of the real disk which are occupied by the encrypted partion of the inside disk image are visible in plain text (or something close to that) as if no encryption was used (due to applying the same symmetric encryption method twice)?
If yes, in which particular configuration?

Password cracking using Quantum Computers

Suppose that I have a password that is n-digits long. Each digit can take m values. So the number of permutations will be m^n. I wanted to know how much time it would take a quantum computer to crack this password.

Is there a specific algorithm to this? If quantum computers are actually commercialized, am I (or literally everyone) in feasible danger (of having our passwords stolen)?

wp admin – Use Password Protected Form without the use of wp-login.php

I need to password protect a page, but from what I looked up — the action of the form needs to use something like this:

action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '"


action="' . get_option('siteurl') . '/wp-login.php?action=postpass"

which both are the exact same thing and both utilizes the wp-login.php.

The problem I am facing is that my company uses a VPN to allow access to the /wp-admin login page — which in turn also affects the wp-login.php file. Because of this, the password protected page effect does not work for our users due to the VPN constraint and routes them to a 403 status page. Is there an alternative way to use the password protected page functionality without the action requiring the use of wp-login.php ?

I assume not, but though to ask if anyone had any insights. Whitelisting on the VPN would defeat the purpose of our use of a VPN to access the admin panel as well, so sorta stuck in a dilemma.

password cracking – Run John the ripper on a specific pattern

I haven’t use a specific password since a while and i need to access a file, i don’t remember which letter are upper case letters which aren’t and the last letter.

Example my password could be :

  • ABC123DEF@?
  • abC123Def@x
  • aBc123DEF@1
  • ABC123DEf@w
  • ….

Does John the Ripper offer a way to work on this specific pattern ?

android – Can I encrypt Google backups (without setting a screenlock password?)

As you can see from my previous question, How can I escape Google?, I am not overly keen on sharing my personal data.

I just got yet another new Android ‘phone, after yet another died. Because I do not want Google having access to my data, I was going to post to post to Software Recommendations asking for an alternative.

I searched first & found Google to Encrypt Android Cloud Backups With Your Lock Screen Password, but 1) that’s over 3 years old, so I don;t know if it is still valid, and 2) I do not have a lock screen password.

Yes, I know that that sounds strange, especially if I am asking about security & privacy, but I have my reasons.

Besides I am concerned about large corporations accessing my data, not family & friends.

So, can I somehow activate Android’s “backup to Google drive” without setting a PIN on my ‘phone (please son’t suggest setting one & sharing it with those I trust – there will be no PIN).

Maximum password lenth for user accounts on Ubuntu

I have a VPS hosted at a remote location. Obviously the host can login directly (without SSH or any keys) on this box and I want to make brute force password guessing as hard as possible for a bad admin.

What is the maximum password length for user accounts in Ubuntu?

(I’m logging in with a 4K RSA SSH key so I don’t care about “user friendliness” for manual logins.)