[smackfu]

I don't think that's right. Secure things in iOS are in the Keychain, and the Keychain is only backed up if you do an encrypted backup via iTunes. Other backup methods (iCloud and non-encrypted iTunes) just leave it out of the backup.

The scary thing is that you hope your apps can handle the case where they have local data but no authenticated user for it. Some of them just treat no authenticated user the same as a first start and reinit the local data.

[dunham]

The backup, encrypted or otherwise, doesn't contain the actual keychain file itself, but rather a plist export of a subset of the keychain.

Things that are marked as kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly are never included in this backup file. Google's GTMOAuth library uses this value for its keychain records.

[smackfu]

Interesting.

[acdha]

I think the main problem is that there's zero UI indication that your backup is incomplete and the Apple store staff aren't instructed to ask/communicate that. It'd be a very different story if using iCloud or iTunes without a password triggered a “Because our programmers are lazy, we're not backing up your sensitive data” message.