
> I think it uses the passcode you set on your phone, not the password of your iCloud account.

May be true, but

> access to iCloud data including backups requires the user’s Apple ID and password.

probably doesn't require the passcode that the user has set, because this data is available across several devices, and the only common thing would be the Apple ID and its password.



If you've recently set up iOS devices you'll have seen it ask for the passcode for another device before you can access iCloud data on the new one.


^ This. First time it happened I was a little confused, but once I realized what was happening I was ecstatic about its implications for iCloud backup security.


Yep. iCloud security is fantastic. Here's a write-up on how the keychain security works:

https://tidbits.com/article/14557

It involves hardware security modules, cross-device crypto signing and other fun stuff. Apple cannot access the data they store about you on their servers.

From Apple's documentation:

Apple designed iCloud Keychain and Keychain Recovery so that a user’s passwords are still protected under the following conditions:

- A user’s iCloud account is compromised.

- iCloud is compromised by an external attacker or employee.

- Third-party access to user accounts.


Note that the keychain security is a bit of an exception -- it's particularly strong, as it's protecting password data. (My favorite detail, not mentioned in the original white paper: To prevent the iCloud Keychain HSMs from being updated with a more lax policy, the smartcards that would have been required to update them were destroyed in a private ceremony involving a blender.)

Other data in iCloud is generally under less extreme levels of security. This isn't to say that it's insecure, merely that it's not as fanatically protected. Some of it may be accessible by resetting your account password.


Only iCloud Keychain is protected this way. It doesn't apply to backups or other data.



