Apple has added iCloud Data Recovery to iOS 15/iPadOS 15 and macOS 12 Monterey. They noted that this is an important new feature that will help you in case you have lost access to devices connected to your Apple ID account and do not want to lose all your iCloud data and access to your Apple ID account. . Designate trusted people—friends, family, co-workers, a lawyer, anyone—and you can reach out to them to activate a worst-case backup plan.
However, the service had a significant limitation: it could only restore data that was synced in such a way that it was available directly from iCloud.com. You can see how to do this in Apple’s iCloud data security overview. Only your iCloud data listed under “Standard data protection” marked “In transit and on server” can be recovered using a trusted person. The rest was end-to-end encrypted data encrypted on the device that could not be recovered. (If you have restored a trusted device or unlocked one you thought was permanently locked, that device will resync data with the new hardware you added.)
Apple made this explicit when setting up the service: “iCloud Data Recovery Service can help you get your data back, including photos, notes, reminders, and device backups… Apple cannot access or help you recover your end-to-end encrypted information. , such as Keychain Access, Screen Time, and Health Data.
I wrote a column on the limitations of iCloud Data Recovery Service and how to enable it back in October 2021; see How to use iCloud Data Recovery Service.
Improvements and features
Apple has implemented many improvements in the current operating system cycle, many of which are related to iCloud. I found that this includes the iCloud data recovery service, which has a new name and no longer has the iCloud data access restriction.
Apple is now calling it Recovery Assistance and your trusted contacts are now called “recovery contacts”. Apple didn’t announce the change, but it came along with the release of Advanced Data Protection for iCloud Data. ADP allows you to protect almost all data stored in iCloud with end-to-end encryption – the gold standard. (I determined that the change occurred between December 11 and 13, 2022 by contacting the Wayback Machine on the Internet Archive on the Apple Account Recovery Support page.)
This makes sense: if you enabled ADP, only email, contacts, and calendar entries could be recovered. Hardly helpful. The rethink affects both standard and ADP-configured iCloud accounts.
Recovery Assistance now tells you when you add a contact: “Your recovery contact can’t access your data, but can help you recover it all and regain access to your account.” Pay attention to the word All!
Apple likely does this using the same method it does with iCloud Keychain: it uses the device’s passphrases to lock down the encryption keys that allow access to iCloud Keychain data. Without a device passphrase, you can’t sync iCloud Keychain. Recovery Assistance uses data that the recovery contact has mixed with information that you own and have access to.
The setup and use of Recovery Assistance is identical to the previous version. The main difference is the version numbers:
- iCloud Data Recovery requires at least iOS 15, iPadOS 15, macOS 11 Big Sur, and tvOS 15 on all devices signed in to the same iCloud account.
- Recovery assistance is higher than for macOS, which must be 12.0 Monterey or later, and requires watchOS 8 if you have the watch.
Ask Mac 911
We’ve compiled a list of the questions we get asked most frequently, along with answers and column links: read our super FAQ to see if your question is covered. If not, we are always looking for new problems to solve! Send your email to mac911@macworld.com, including screenshots if applicable, and indicate if you would like your full name to be used. Not every question will be answered, we do not answer emails, and cannot provide direct troubleshooting advice.