Corporate & forensic solutions

Elcomsoft Phone Password Breaker

Recover Password-Protected BlackBerry and Apple Backups

Elcomsoft Phone Password Breaker enables forensic access to password-protected backups for smartphones and portable devices based on RIM BlackBerry and Apple iOS platforms. The password recovery tool supports all Blackberry smartphones as well as Apple devices running iOS including iPhone, iPad and iPod Touch devices of all generations released to date, including the iPhone 5S and iOS 7.

Unlock Apple and BlackBerry Backups

The new tool recovers the original plain-text passwords protecting encrypted backups for Apple and BlackBerry devices. The backups contain address books, call logs, SMS archives, calendars and other organizer data, camera snapshots, voice mail and email account settings, applications, Web browsing history and cache.

Recover online backups from Apple iCloud

iPhone users have several options to back up the content of their devices. They can backup information stored in their device such as contacts, pictures, call logs and data into a file on their computer with the help of Apple iTunes. Alternatively, they can backup all that information into cloud storage maintained by Apple Inc. Introduced in June, 2011, the iCloud service allows users to store data from their devices on remote computer servers and share their files between multiple iOS devices. In addition, iCloud can be used as a data synchronization center for email, contacts, organizer events, bookmarks, pictures and other information.

iCloud backups are incremental. When set up to use the iCloud service, iPhones automatically connect to iCloud network and backup their content every time a docked device gets within reach of a Wi-Fi access point. Online backups can be retrieved by forensic specialists without having the original iPhone device in hands. All that’s needed to access online backups stored in an iCloud are user’s Apple ID and password. Data can be accessed without the consent of knowledge of an iPhone user, making Elcomsoft Phone Password Breaker an ideal solution for law enforcement and intelligence organizations.

The given feature is confirmed to work even for acconts with Apple's two-step verification enabled.

Selective Access

Downloading a large backup for the very first time can potentially take hours. Subsequent updates are incremental, and occur much faster. If speed is essential, Elcomsoft Phone Password Breaker offers the ability to quickly acquire select information and skip data that’s taking the longest to download (such as music and videos). Information such as messages, attachments, phone settings, call logs, address books, notes, calendars, email account settings, camera roll, and many other pieces of information can be pre-selected and downloaded in just minutes, providing investigators with near real-time access to essential information.

Perform Enhanced Forensic Analysis on iOS 4+ Devices

ElcomSoft offers the complete toolkit for performing forensic analysis of encrypted user data stored in certain iPhone/iPad/iPod devices. The toolkit allows eligible customers acquiring bit-to-bit images of devices’ file systems, extracting phone secrets (passcodes, passwords, and encryption keys) and decrypting the file system dump. Access to most information is provided in real-time. In addition to Elcomsoft Phone Password Breaker, the toolkit includes the ability to decrypt images of devices’ file systems, as well as a free tool that can extract the encrypted file system out of the device in raw form. More information is available on a dedicated Web page.

Fast GPU Acceleration

To unlock Apple backups even faster, the tool engages the company’s patented GPU acceleration technology. Elcomsoft Phone Password Breaker is the first GPU-accelerated iPhone/iPod password recovery tool on the market, and the only product to read and decrypt keychains (saved passwords to mail accounts, web sites and 3rd party applications) from password-protected backups (if password is known or recovered). The speed of backup password recovery reaches the speed of about 50,000 passwords per second on AMD Radeon HD 7970 (compare it with only 1,500 passwords per second on Intel Quad-Core CPU).

Designed for nVidia CUDAATI Stream supportEnhanced of Intel Core

Features and Benefits

  • Gain access to information stored in password-protected iPhone, iPad, iPod Touch and Blackberry backups
  • iPhone and BlackBerry backup decryption using known password
  • Recover passwords to BlaclBerry Password Keeper and Wallet applications
  • Recover BlackBerry device password***
  • Read and decrypt keychain data (email account passwords, Wi-Fi passwords, and passwords you enter into websites and some other applications)
  • Save time with cost-efficient GPU acceleration when one or several AMD or NVIDIA video cards are installed*
  • Hardware acceleration on Tableau TACC1441 hardware
  • Perform advanced dictionary attacks with highly customizable permutations
  • Perform offline attacks without Apple iTunes or BlackBerry Desktop Software installed
  • Recover passwords to backups for original and ‘jailbroken’ iPhone (all models up to iPhone 5S), iPad(all generations incl. iPad Mini), and iPod Touch (all generations) devices
  • Recover passwords to all BlackBerry smartphones released to date
  • Compatible with all versions of iTunes (incl. 11.1) and iOS (up to the latest 7.0.2) and BlackBerry Desktop Software
  • Using AES-NI instructions to speed up BlackBerry backups' password recovery
  • AMD Radeon HD 7000 series and NVIDIA GTX 600 series support

GPU Acceleration

ElcomSoft offers a highly efficient, cost-effective solution to lengthy attacks by dramatically increasing the speed of password recovery when one or more supported video cards are present. The company’s patented GPU acceleration reduces the time required to recover iPhone/iPad/iPod and BlackBerry backup passwords by orders of magnitude. The latest generation of ElcomSoft GPU acceleration technology supports unlimited numbers of AMD or NVIDIA boards such as NVIDIA GeForce 8, 9, 100, 200, 400, 500, 600 and 700-series and ATI Radeon HD 5000, 6000, 7000, R7 and R9 series. ElcomSoft GPU acceleration provides true supercomputer performance at consumer prices.


Advanced Attacks

Elcomsoft Phone Password Breaker supports an advanced dictionary attack with customizable permutations. According to multiple security researches, the majority of users choose meaningful, dictionary-based passwords that are easier for them to remember. Elcomsoft Phone Password Breaker is able to recover such passwords and their variations quickly and efficiently no matter which language they are. Elcomsoft Phone Password Breaker supports a variety of permutations of dictionary words, trying hundreds of variants for each dictionary word to ensure the best possible chance to recover the password.

Extract and Decrypt Stored Passwords

In Apple iPhone devices, passwords to email accounts, Web sites, and certain third-party software are stored securely in keychains that are encrypted with hardware keys unique to each individual device. Prior to the release of iOS 4, keychains remained encrypted with a device-specific hardware key; but with the release of Apple iOS 4, the keychains are stored encrypted only with backup’s master password. Elcomsoft Phone Password Breaker is able to instantly read and decrypt all keychain data including stored passwords if a backup password is known or recovered. iOS 5/6/7 are supported as well, of course.

Please note that keychain only from local password-protected backup can be decrypted. For local non-encrypted backups and backups downloaded from iCloud, decryption of the keychain is possible only if you have physical access to the device and so can get the specific encryption key from there.

Offline Backups

Elcomsoft Phone Password Breaker does not use Apple iTunes or BlackBerry Desktop Software, and does not need to have those products installed. All password recovery operations are performed offline.

Access Information Stored in BlackBerry Password Keeper and Wallet

A great deal of highly valuable information is stored in BlackBerry Password Keeper and BlackBerry Wallet apps. Users' login credentials with Web site passwords are kept in BlackBerry Password Keeper to provide mobile users with faster login experience. BlackBerry Wallet stores users' financial information including credit card numbers, billing and shipping addresses, loyalty points numbers, etc.

Information in BlackBerry Password Keeper and Wallet has an extra layer of protection. The data is securely encrypted, protected with individual master passwords. Elcomsoft Phone Password Breaker can quickly recover** the master passwords, and unlock access to users’ passwords and financial information stored in Password Keeper and Wallet apps.

Recover BlackBerry Device Password

The recovery of BlackBerry password is possible if the user-selectable Device Password security option is enabled to encrypt media card data. By analyzing information stored on encrypted media cards, Elcomsoft Phone Password Breaker can try millions password combinations per second, recovering a fairly long 7-character password in a matter of hours. With the ability to recover the device password, ElcomSoft does what's been long considered impossible, once again making Elcomsoft Phone Password Breaker the world's first.

Compatibility Chart
  EPPB Home EPPB Professional
Support for iOS from 3.x to 7.x
Support for iPhone 3G/3GS/4/4S/5/5C/5S
Support for iPod Touch and iPad
Support for all BlackBerry devices
Brute-force attack
Dictionary attack with mutations
Number of CPUs supported 2 32
Number of GPUs supported* 1 8
Hardware acceleration on Tableau TACC1441
Extract and decrypt keychain data (Apple devices with iOS 4/5/6/7)
Decrypt iPhone/iPad/iPod backup (with known password)
Decrypt BlackBerry backup (with known password)
Recover BlackBerry Password Keeper passwords
Recover BlackBerry Wallet passwords
Recover BlackBerry Device Password***
Extract data from iCloud


* Installing latest display driver is recommended when using GPU acceleration on NVIDIA or ATI cards. For multi-GPU configurations Windows 7 is recommended.

** Several hundred thousand passwords per second can be tried depending on PC hardware

*** If an option to encrypt the media card (with password) is enabled

Elcomsoft Phone Password Breaker supports Windows XP, Windows 2003 Server, Windows 2008 Server, Windows Vista and Windows 7 with x32 and x64 architectures. Password-protected backups to iPhone, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPad (all generations), iPad Mini and iPod Touch (all generations) devices are supported.

Please note that Elcomsoft Phone Password Breaker is NOT able to remove iPhone passcode lock, unlock iPhone from the carrier, jailbreak the iPhone or remove SIM card PIN code. It is intended for recovery of backup passwords only. For more information, read the EPPB manual and Phone Password Breaker FAQ.

Please also note that though Elcomsoft Phone Password Breaker includes the functionality to decrypt iPhone/iPod/iPad dd-style images, but imaging itself, as well as extraction of encryption keys and bypassing the passcode protection, is available only in special iOS Forensic Toolkit.


Purchase EPPB

Download free trial version of EPPB