iOS Restrictions Passcode Cracker

iOS Restrictions Passcode Cracker

iOS Restrictions Passcode Cracker works on all iDevices running iOS 7 – 11.

NB: With iOS 12, Apple moved the Restrictions Passcode into the Keychain, meaning this service is no longer effective against iDevices on iOS 12 and higher. I know, sad isn’t it?
Nothing for you to worry about, your new solution is Pinfinder, a small, downloadable freeware cross-platform utility that will recover your Restrictions Passcode from an iOS 12+ backup. Easy & effective.
Forgotten your iOS Restrictions Passcode? Yeah, so had I, on my 32GB iPod Touch A1421. What a PIA, there’s no remote recovery option for that one. Stink. What I needed was an iOS Restrictions Passcode Cracker to remove the Restrictions Passcode.
Without an iOS Restrictions Passcode Cracker, I was looking at a full iOS update/restore to rid the pesky forgotten code. The official word from Apple was not good –
If you forget your Restrictions passcode, you need to erase your device, then set it up as a new device to remove the Restrictions passcode. Restoring your device using a backup won’t remove the Restrictions passcode.(source:
I’d lose my jailbreak & be forever pissed that a simple 4-digit code beat me. shakes fist at sky You could train a monkey to find the passcode – eventually. End up with monkey spit all over your iDevice too, but that’s another story.
Look, recently Apple has shown that they can apply excellent security to protect their products (iCloud from iOS 7.1.2 on for example). Often though, they leave a hole so wide you can drive a truck through it. (rm /var/db/.applesetupdone anyone? Or resetpassword even?)
One of the repeated shortcomings of technology in general is to limit PIN passcodes to 4 digits – thereby reducing the possible target range to a maximum of 10,000 (0000 – 9999, your answer is somewhere in here.) This shortcoming affects your bank PIN, Android device, TV lock code, and Apple too. By itself, this is not secure protection.
Apple have no record of Restrictions Passcodes via the Apple ID mechanism, therefore the passcode data is on your device, right? Well obviously it is. Let’s find it. Where should you look? In an unencrypted iTunes backup, that’s what backups are for – storing data from a device.
It’s public knowledge that Apple obfuscate data  with the pbkdf2-hmac-sha1 encryption, leaving a string of garbled text that requires decryption to be of any use. So, the process is – find the string, copy it, crack the encryption, pr0fit!!
Let’s Get Cracking!
If you have a Jailbreaked device, and thus root-level access to the file system, search for, using either iFile from the device or a PC tool like iTools or iFunbox. Open the .plist, copy the RestrictionsPasswordKey data and RestrictionsPasswordSalt data then paste it into the relevant form boxes of the iOS Restrictions Passcode Cracker below.
If your iDevice is not JB’d, then you need to extract the string from an unencrypted iTunes backup. Windows users can find your backup folders here: – %SYSTEMDRIVE%/Users/*Your Username*/Appdata/Roaming/Apple Computer/MobileSync/Backup/Long Random Number/ and on Mac ~/Library/Application Support/MobileSync/Backup/
Inside the folders there’s a file named 398bc9c2aeeab4cb0c12ada0f52eea12cf14f40b – this contains the encrypted data string that we need. Copy that file name & use your OS Search function.
Found it? Good. Now open the file with a simple text editor (ie Notepad) to expose data that reads like this:

RestrictionsPasswordKey      M/p4734c8/SOXZnGgZot+BciAW0=
RestrictionsPasswordSalt     aSbUXg==

So the required data is:

Key: M/p4734c8/SOXZnGgZot+BciAW0=
Salt: aSbUXg==

The Magic:

Simply copy/paste the two strings into the relevant iOS Restrictions Passcode Cracker form boxes below. (Really, copy/paste – it’s too easy to make a mistake transcribing manually) Next, hit the blue Crack It button & wait til it iterates through the possibilities.

You can select your preferred range – if you know for sure that your lost passcode didn’t start with 00, for example, then enter 1000 in the Starting box.

NB: This is a private transaction. No data is transmitted from this page. All the work is done in your browser by Crypto.js

iOS Passcode Cracker

Pro Tip:

Use a very analog version of distributed computing to decimate the time required to crack your iOS Restrictions Passcode. Open 5 browser tabs with the iOS Restrictions Passcode Cracker loaded in each.  Set the Starting Passcodes at 0000 (default), 2000, 4000, 6000, 8000, then hit the blue button in each tab.

Your time saved is dependent on which tab finds the answer. If it’s the first tab, no time saved, sorry ’bout it. But if it’s the last tab & the answer is 9000, then you’ve only calculated 1000 passcodes to get to an answer that’s revealed after 9000 guesses in a single-iteration system. Quantified, at 4 attempts/sec, your answer is revealed in just over 4 minutes, whereas the single tab approach wont reveal the solution for well over half an hour yet.

Either way, soon enough, your iOS Restrictions Passcode will be revealed.  This is not a maybe solution, if you’ve entered the Key & Salt data correctly then this app will find the answer.

This page would not exist without the work of Hashcat and John The Ripper.  You want cracking skills? Go visit them.

Did you like that? It worked for you? Please leave a comment, tell me about it.

248 thoughts on “iOS Restrictions Passcode Cracker

  1. Thank you so much, you were very helpful and aft several attempts I could finally solve the problem!!!

    Congratulations also for being so good.


    1. Yeah, there is. Read the instructions written on this page, iFile is only even briefly mentioned, it’s certainly not imperative to the recovery.

  2. hello 1024kb,
    i just left the message to you that i’ve tried long time but it just didn’t work on my iphone.But now it worked!!! i used chrome before but it didn’t show anything. i change to ie and it starts running and i finally found my code! Really really really thank you so much to create this magical cracker!!!!!!

    1. This was my bad, I didn’t check everything everywhere on the site after a WordPress update a few days before. User comments like this one alerted me to the problem – which is now solved.

  3. Dear 1024kb
    i’ve read the article and comments that this magical code worked on their iphone, but i’ve tried and waited, it doesn’t show any pins… don’t know which part is wrong:(
    RetrictionPasswordKey is: 5g3MCwnUAIjaV4M65n0sS7hM+KE=
    RestrictionPasswordSalt is: e+ZLGw==
    I will be glad hearing back from you.

  4. Thanks, worked like a charm! I was contemplating erasing my content and starting from scratch until, it asked me for the restrictions password and i found your page!


    Was unable to download the starboy (explicit) song due to restrictions. You guys helped a lot!!! and loved the message that went ‘ahem! your passcode is xxxx”

    God bless you!

  6. Hi Ive tried 2 different site this is my third attempt. Its not working….
    RetrictionPasswordKey is: 5072F8NSDONbOQ9+sxudb5Q6K4Y=
    RestrictionPasswordSalt is: AeDJlw==

    Please help when you can.

    1. Try this:

      Edit your backup file to Key: M/p4734c8/SOXZnGgZot+BciAW0= & Salt: aSbUXg== save & restore your device from backup.

      Now your restrictions passcode is 0001

  7. Awesome. Took a few hours, but finally got there. It was my daughter’s iPhone and we have no idea who entered the passcode. First we needed to de-encrypt a backup. The password ended up being the icloud password with a lowercase first letter. We never entered that. After getting to the using iPhone Backup Extractor, you managed to crack the passcode in a few minutes. No one recognized the passcode, so it was probably entered accidentally.

  8. This is amazing. To speed things up I opened multiple tabs and ran them simultaneously. First tab was 0000 through 0999. Second was 1000 through 1999 and so on. Thought that might help save time

  9. Wow! This is great! Apple advised me to reinstall the iPhone as a new one…….with losing of all the data. You are my heroes with this solution.
    The code was very strange. I never entered that code in my iPhone.

    1. You don’t need to figure it out Mandy. The automated process here will do that for you.

      You tried 100 times? Wow. There’s 10,000 possible combinations between 0000 & 9999. Enter the required information then leave the cracker to work it out for you. It might take a wee while but it will get the answer.

  10. THANK YOU!!!!! I wish I would have found this site a LONG time ago…..I’ve spent hours trying to find a way to recover my restrictions passcode! Your instructions were right on and I have no IT experience. I’m not even sure why I picked that password either?!

    1. I got busy with that code cracker when I needed a solution myself. Don’t worry about no IT experience, you’ve just had one.

  11. I have used this website about 6 times, and 5 out of the 6 times it worked! The only time it didnt work is when I accidently thoight an 0 was a O. You sir, are amazing.

  12. Thanks so much! I don’t know why Apple doesn’t have a password reset, but this was a lifesaver. One of my kids must have changed the password, because after seeing it I have no idea where it came from. Thank you, thank you, thank you!

  13. Oh man, I was so frustrated that I have been backing up and restoring my iPhone for three devices now and then suddenly noticed this restrictions password that I had forgotten from 2012. I tried to guess, but to no avail. I figured Apple would help. I talked to a Apple agent who said that he could not help. That is a seriously stupid legacy thing. If you can unlock your phone and prove you are over 18 why the heck could they not help you recover the password? I expressed my frustration and was so frustrated that I would have to do a factory restore and then add back all my apps from a stupid list and then memorize and reset every setting to they way I had it. Stubbornly I did a search for “iOS restrictions password crack and this was the 2nd item on the list. THANK YOU SOOO MUCH for building this. You are saving huge amounts of people’s time so they could be just enjoying life:-)

  14. Oh hey, I’ve had this problem for bloody ages! My friend told me about your site and boom! my iPhone is de-restricted!

    Thanks man!

  15. someone help me ! I wait until 9999 but it don’t show the PIN 🙁
    key : V2bLcmSSKokd2IZrlyWKqOLxv6Q=
    salt : kKD4kg==

    1. Someone help me…. please. Didn’t anyone teach you manners?

      You didn’t hit the PayPal button – there isn’t one. So you’re asking for a favour, not purchasing anyone’s time.

      I’m running your Key/Salt now, have been for 12 hours or so.

    1. Thanks for the kind words. Glad it helped you. I’ll update the text to include iOS 10. & be back here next year to add iOS 11.

      Or better yet, I’ll code it in. Something that counts the days from 15/9/2006 then divides by 365, rounds to nearest whole number then prints the array from 7. Seems legit.

  16. Worked like a charm on iOS 9.3.2 and Windows 10. Instead of sifting through 2204 files, I simply searched for a file starting with 398bc9* 🙂 Thanks again. Lifesaver! Did you marry Katy yet?

  17. wow. magic. worked perfectly. Its been 3yrs i’ve been trying to figure my damn restriction password. absolutely marvelled. excellent.

  18. Thanks for this I spent hours trying to figure out how to find this site. It is currently running but I know it will work. Gets my stepson out of trouble with his mom for setting the code.

  19. This is hilarious, i’ve been searching for a way to crack this for hours, wasted almost a whole day.
    Many thanks my friend.
    I can’t stop laughing.

  20. You are the bomb!!!! with your page and iphone backup extractor We fixed my husbands phone!!! Thank you so so so very much!!!!!!!

    1. Where are you looking, Dimo? Mac or PC? I take it you can’t find the iTunes backup folder that contains the file holding the key/salt data?

        1. Then my best guess is that you’ve got backups for several iDevices there & you’re looking in the wrong folder. If the iDevice has a Restrictions Passcode lock, the corresponding 398bc9c… file will be created during backup.

          If looking in the other folders proves fruitless, maybe try clearing the main Backup location by moving all the existing individual backup folders to a temporary location, then run your iTunes backup procedure again. I think you’ll find it then.

  21. Hi i keep on getting no result
    Password Key: 1q3IL+48mFXZtbeBOZA4gdq1Ips=
    Password Salt: xwg7MQ==

      1. I have the iPhone 6s running the newest software.
        I typed the key and salts in and the mistake was a zero instead of an O in the key.
        After fixing this it worked perfectly! Thank you!

  22. Tanks i mistyped the passcode while setting it (i’m not used to the ipad’s touch screens).
    you saved me. Thank you a lot

  23. This website is awesome, but I recommend to add the full path on windows itunes backup for the restrictionspasscode.plist

  24. Lifesaver. Thank you. I’ve been working on this for what seems like forever. I could not find the 398bc9c2aeeab4cb0c12ada0f52eea12cf14f40b file and have no idea why. I double checked the file location, backup dates, etc. What I ended up doing was using the iPhone Backup Extractor to generate all of the plist files from my backup. Then I found the file and used Xcode (Mac property list editor) to read it. I entered the salt and key into your program and it did not find the key. Then I realized the key and salt were not in the right format, so I used text editor to open the plist file instead. This finally produced the proper key and salt, I put it into your form, and viola, I finally have my long lost password. You also helped me realize that my initial backup was not working because I had it encrypted. Thanks again for the help.

    1. Really? There’s only one possibility causing the error then. You see, if the algorithm employed here works with any iDevice Restrictions Passcode, it’ll work with them all. There’s nothing so special about your iPod Touch that will cause this solution to fail. There must be an input error somewhere.

      Do you have backups for more than 1 iDevice stored on your computer? That may be the cause right there, decrypting the wrong hash.

  25. It is not working i tried copying it down and conecting it to my ipod(ios 9.2.1) but it did not work

  26. I am sorry
    i read it
    but i am chinese my english is poor
    i don’t know how to crack the encryption so sad T-T

    1. iTunes
      See the image above – taken from iTunes. Make sure your backup settings match the settings you see there – backup to your PC, encryption NOT selected.
      After backup has run, track down your key & salt, come back here, pr0fit!

      1. I really appreciate your
        The original question here

        I find my password

        Thank you again

  27. can I ask one question
    I open the file it also garbled
    I don’t know how to open it in english?
    DO you have article to teach how to open it ?
    thank you very much

    1. Yes, there’s an article on this page. I’m picking your iTunes backup was done with the encryption option selected. Redo the backup, this time with encryption turned off. Grab your key & salt, come back here, pr0fit.

  28. I also followed all the steps you provided and the file stated to contain the restriction pass code salt and key was missing

    1. You found the backup itself alright, just missing the key & salt file? Are you sure you looked in the correct device backup folder? Have a look in any other folders in the backup folder, see what you can find.

      ‘Cos if there’s no key & salt reference, then there’s no Restrictions Passcode been set. Digital data is like that, just is.

  29. sorry for the miscommunication. I recently backed up my ipad mini 2 on itunes on a windows computer.

  30. Everything was running smoothly until i couldn’t find the 398bc9c2aeeab4cb0c12ada0f52eea12cf14f40b file. :O please help i’m really frustrated about this >:C

  31. my key is 251CD2BDE1A882E4023652B08DB9F21B3AEE823B
    and salt is 2F43DA50

    And i am unable to find password.

    Please help

    1. There’s something wrong with your input data. That Salt derives a key with the last character being =

      It’s also very strange to see a Key consisting of numbers & upper case letters only, with no lower case & no special characters. How did you extract the data? From a jailbroken iDevice, PC iTunes backup or Mac iTunes backup?

  32. The actually backup with pc do not work and there is only one in iCloud. Can I find the code in iCloud too???

    1. Doreen, your local PC backup has the Encrypt option selected. The advantage of this is that it retains your passwords in the protected backup & restores them along with the rest of your data.

      Of course the encryption obfuscates the two vital data chunks that you need to crack your Restrictions passcode. So your workaround is to do a fresh backup through iTunes (or, my preference, iTools) but this time, ensure that the Encrypt option is deselected. Run your backup, find your hash & salt, come back here, pr0fit!

      1. Nor iTools neither iTunes wants to back up???? Telling me that IPad is locked and I should put in code first. Have an idea what I could do???

        1. Doreen, do you have a 4-digit screen lock on your iPad? You can’t access any actual iPad functions?

          This is not a lock screen bypass. It’s a solution for a forgotten Restrictions code, set from further inside the iPad. You need access past the lock screen to make use of this solution.

          1. Yes, a Four digit lock screen. And this one I forgot. Do you have any idea what I could do??? Thank you!

            1. Yes, I do. You can do a DFU reinstall which will wipe all your existing data from the iPad & upgrade it to the latest iOS – 9.2.1 I think.

              On completion of the reinstall, you will need to activate the device by providing the Apple ID username & password that the device is currently associated with. In rare cases this is not necessary, confirm it by going to & entering the serial number from the back of your iPad.

              DFU is best achieved while connected to your PC. Turn the iPad off, then back on. Keep holding the power button. When you see the Apple logo, press & hold the Home button also. The logo will disappear, leaving a blank screen. Release the power button. Count 3 seconds. Release Home button.

              Now start iTunes, which will identify the device attached & download the correct .ipsw file before doing the full, fresh reinstall.

  33. I can not find my backup on my Windows 10 pc at all ???? And an old one gave me just weird letters in Word. Can you help me please?

  34. Great app! I went to the Apple store and they couldn’t help me. This process found it within minutes. Extremely grateful!

  35. I don’t have a computer so I can’t do any if this can u tell a way I can get into whatever u r talking about without a computer or iCloud

    1. Oh boy, there’s just so much wrong with this comment.
      Uhmm, you do have access to a computer, right? (Because you likely used one to post here)
      If you don’t, it’s highly likely that a friend or family member has a computer & would be willing to assist you during this fairly quick process – 15 minutes should get your iDevice backed up so you can find the 2 codes necessary for this hack.
      Other than that, I’m sorry, we’re talking electronic files here, you do need a computer to read them. Having found this method and knowing it works, I haven’t actually bothered to create an alternative solution.

  36. Thanks a million! I had lost my passcode for about 18-24months. Just decided to push through looking for solution and your site was the final key! I was foxed initially as missed out a character at the beginning so it was useful to know that the key is 28 characters and salt 8 characters also I used the free edition of the iPhone back up extractor to get the file before I found your site – could only extract the .plist file but no further. Now I have the code. Thank you.

  37. I’ve spent 2 days on this and finally found your site. Thanks a lot buddy; worked like a dream…

  38. My Goodness i had to wait till 9129 but thank you so much for this!!!!!!! Have been locked out for almost a year now 🙁

  39. This is all that pops up using wordpad:

    )™{YŠ•÷‘`õ; ”رk¡«B} %…ðó.n}Nä!òð{ƒRÃô9×5.”ÛÍÁŽ-oçÖÙ%j_^-/Èõ `¤m 6^QãLäÅ2 3MYÔ¯ý/Ââ¥MT’« ŸÊ…Œ%¯UÏ{®‘½YÄy*
    ,­ý ªet¦Å½o?b°Eá>KTâösǝ¿»6Èç¨É(Ç·‹êð¬x~ýú×ñÆl=þ!¹£t¡oÓ0WvÁfïQÐ_ÛU㯎øh¬üùSÖRboÀH7+GK¹ÇxËT©É)^N„Q|çü·²4^Žš

    1. or this in note pad:


    2. No wonder you’re not getting the right response. That’s nothing like a correctly-formatted key or salt. You’re opening from an iTunes backup, yeah? Try backing up again, this time don’t password-protect the backup. Now hunt the Key & Salt, you’ll find them a lot less complicated this time.

      Once you have Key & Salt in the same format as indicated in my post above, paste them into my decoder. This time you should be successful.



    1. Are you sure? I ask because it’s not a matter of if, it’s when – math is like that. So long as you’ve entered the key & the salt correctly, this page WILL return the correct answer, see Jack’s post below above.

  40. Wow, thanks. I didn’t actually think this would work. You saved my further frustration. Looking back, I don’t even know why I chose that passcode.

  41. LMFAOOOO!!! I am such an idiot. It was an O not a 0 in the “5105” in the key. It totally still works. I was sitting here thinking that Apple wised up and changed the hash algorithm.

  42. I tried this method with my phone. I put in the key and salt properly. I double and triple checked. It just wont work. It keeps going all the way through the 9999. The key is MVLpDTuaZB8AusJhiy5105fTozw= and the salt is KYNKRA==

  43. Thanks a lot for this great little tool! I was at first skeptical, having run through 9000+ numbers, but it pulled through with the correct code. So now I’ve fixed my phone.

    Sincerest thanks to the creator

  44. Fantastic, it worked! You can also find the key and salt in an iTunes backup, which are saved in ~/Library/Application Support/MobileSync/Backup. If you change to this directory in terminal, you can find what you need with this command:

    grep -r -i -C5 -H “restrictionsPassword” *

    Unbelievable how you can’t reset this password…

  45. Hi

    This site worked great for me as well. Thanks a lot!
    Spent a lot of time searching for a solution and trying different codes on the phone until I eventually found your site. Cracking took a while because my code was 8xxx. However, compared to the time spent before, this was negligible.

    thanks again,

  46. Thanks for this tool
    its very important and powerful thing to do
    but there is solution easier with this tool to know passcode .
    its you change manually the line of restrictionpasswordkey in the source file to
    and salt to
    and result of this is the passcode changed to 0000
    tested with ios 8.1 and edited with ifile

  47. Hello

    Just to say thanks – and a very big thanks – I recovered a forgotten Restrictions password via this site.

    Keep up the good work.



talk to us... tell it your way

This site uses Akismet to reduce spam. Learn how your comment data is processed.