According to a post on Reddit, users who attempt to restore a device via iCloud backups in iOS 9.3 will be promoted to enter the passcode that was set on the device that created that backup. Earlier reports claimed Apple was working on encrypting iCloud backups in such a way that it didn’t have the key, and this may be the solution they have come up with.
Previously, to restore from an iCloud backup, users would enter their Apple ID credentials (and verify via 2-factor authentication, if that’s enabled), and select a backup from there.
Using this method, Apple held the key to the iCloud backups because it had to check the password against its servers. This new method, however is encrypted in such a way that Apple no longer has the key to the backup.
When attempting to restore from an iCloud backup, the user is now prompted with this message:
Access to your account is protected by the passcode for “<name of iOS device>”. Your passcode is encrypted and cannot be read by Apple.
Some may argue that this is the result of the Apple vs. FBI case, however this could’ve easily been in the works for months before the case existed. Though, the timing is definitely interesting, and this could be another major reason to update to iOS 9.3 when it’s available to the public.
Some users (including myself), were prompted to enter their iCloud password in a previous beta of iOS 9.3 (either beta 5, 6, or 7). At the time, it had no meaning, though it makes more sense now that this new encryption method has been discovered.
Although the specific example shows a 4-digit passcode, this applies to all passcode types on iOS. For example, if a alphanumeric passcode was set it’ll prompt for that passcode.