Signal Secure Backups

307 comments

·September 8, 2025

nikeee

> alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

That's actually the feature I've been looking forward to. As I moved from Android to iOS, I lost _all_ message histories from all messenger apps that use E2EE (Signal, WhatsApp, Threema, etc). The only one that "just worked" was Telegram due to not being encrypted. WhatsApp had a migration app that has to be done when setting up the iPhone, but it failed due to some bug. Signal had backups, but they didn't seem to be compatible between different OS versions.

nar001

You already can, if you at least set up desktop, you can transfer also message history, though you won't have your media older than 45 days. Maybe it can work as a stopgap before they roll out encrypted backups everywhere

zbrozek

That's a weird and crappy arbitrary limitation when I could move an arbitrary amount of data between the two devices otherwise. It's the worst part of Signal.

arccy

doesn't signal also have a transfer to other device flow now?

flaburgan

They have it between two Android phones next to each other for years, but probably not Android to iOS

akkartik

This looks brilliant. I just hope they make it easy to do test restores. In particular, I want to test restore without perturbing my main device. Let me restore using the secret key on a new device.

When I install Signal on a computer it won't show me message history. Will backups allow me to view _all_ my message history on a computer? A big screen is very helpful for browsing lots of messages.

greysonp

Hi there, Signal dev here. You can sort of do this! You can restore on your new device, and while you will be unregistered on your old device, all of the data is still there. So if you see that something is amiss on the new device, you could re-register on your old device and you'd be right back where you started. This is actually one of the ways we test the feature with our own personal data.

eigenspace

Hey, I have a related question about this:

I have an old iPhone that has all my old Signal messages still on it that I wasn't able to move with me when I switched to Android. Is there any way that I can use these new tools to move the old conversations on my iPhone over to my Android phone without losing all the new messages that are on my Android now?

That is, I want to merge the two histories.

codethief

Using the new backup feature that we're discussing here (once it is available on iOS), you will probably need to transfer your old iPhone's data to an Android device first (either a secondary one or your current one, provided you have backed up its data to a backup file). Then follow https://news.ycombinator.com/item?id=45174779 .

oezi

Multi-device would be a nice feature.

And question: Will a backup taken today on Android be able to be restored on iOS once released?

codethief

Hi @greysonp

> Once you’ve enabled secure backups, your device will automatically create a fresh secure backup archive every day, replacing the previous day’s archive.

So IIUC backups will not be incremental and I will have to re-upload my 15 GB backup archive every day? Why is that? What's the security risk here? (Obviously I'm not suggesting encrypting & uploading each message & media file individually but splitting things up into same-sized chunks, like e.g. borgbackup does.)

> At the core of secure backups is a 64-character recovery key that is generated on your device. This key is yours and yours alone; it is never shared with Signal’s servers. This key is different from your Signal PIN, which serves different purposes.

Both recovery key and Signal PIN seem to serve the exact same purpose, though, namely restoring data (conversations, contacts, account, …)? Why not unify them?

elvisloops

Giving people a 64-character key also feels uncharacteristically crude for Signal. It's not realistic to hand people 64 characters and tell them to “store this securely.” Most people will screenshot it, and those screenshots will end up in unencrypted cloud backups.

That's less of a problem when the backups are local, because access to the local backups implies access to the device, but if the backups are in the cloud with no forward secrecy, this seems like a huge security backslide for Signal.

codethief

I get your point but is a large set of dictionary words or 5-digit numbers (see the current backup passphrase) so much better? At the end of the day, recording entropy will always be cumbersome and there is no way around it.

> Most people will screenshot it, and those screenshots will end up in unencrypted cloud backups.

At least on Android apps can disable screenshots, though, which might be a simple way to deter people from doing that?

dlgeek

I think a large set of dictionary words are likely more user friendly. I think most people will have a lot more confidence in their ability to transcribe words to/from paper more accurately than a bunch of numbers - better built in error correction, etc.

wooptoo

I'm assuming the backup format uses a container (like Veracrypt volumes), which grows in size forever, and cannot be backed up incrementally. I ran into the same issue when backing up loopback LUKS volumes. An elegant solution in this case was switching to Gocryptfs which encrypts each file individually, but then can mount the entire folder as a whole with fuse. This means only modified files need to be synchronised to the remote.

greysonp

Hi there!

> So IIUC backups will not be incremental

Nope! It's very much incremental :) At least the media is. There's one blob containing all of your messages+metadata which does have to be re-uploaded every night, but for most people that's gonna be somewhere in the low-tens of MB. Your attachments are uploaded incrementally one at a time, typically as they're sent/received, so you usually don't even have to wait to upload them at backup-time.

> Both recovery key and Signal PIN seem to serve the exact same purpose, though, namely restoring data (conversations, contacts, account, …)? Why not unify them?

This was a hard decision and something we went back and forth on. But at the end of the day, we felt the safest thing we could do for now is to use a completely separate strong, random key. We're very aware of all the trade-offs involved, but this is where we landed.

highwind

I'm guessing the same reason why my house's front door and back door use different keys.

tymscar

Most likely they have different keys for absolutely no other reason than the fact that they were bought/made separately. I honestly would prefer to have a single key to my building.

EGreg

The PIN is a lot easier to guess on a remote machine storing a backup, the space is small. In the context of your device, they can throttle it.

codethief

Ah yes, the Signal PIN is backed by Intel SGX to ensure it can't be hacked even if the user has not provided enough entropy. However, why not simply rule out the low-entropy case altogether and use that randomly generated 64-character key throughout? That way, we also wouldn't have to trust Intel SGX… (which I think we shouldn't)

poisonborz

Backing up Signal on Android for free and offline was ~always possible. The app creates a multi GB backup file on the phone memory under the Signal folder that you can just copy out and back on a new phone.

The file is encrypted with the passcode and the database can be extracted.

https://github.com/bepaald/signalbackup-tools

Sesse__

There are a couple of problems with the existing backup:

1. It is non-incremental. This means you'll need about as much free space on your phone as your Signal database takes, and it may take many hours to make if your database is large (mine is 18GB). I used to wake up to find my phone had not even fully charged because it had been so busy writing Signal backups.

2. Once you have it on disk, how do you get it away from your phone? Especially after SyncThing disappeared from Play Store (because it was basically a non-Android app behind a thin Android shell that couldn't easily be upgraded to more modern native APIs), there's nothing super-obvious here.

I would have loved a better solution for local backups, but realistically, $2/month for cloud backup is really cheap, and a pragmatic solution.

dns_snek

> Especially after SyncThing disappeared from Play Store (because it was basically a non-Android app behind a thin Android shell that couldn't easily be upgraded to more modern native APIs), there's nothing super-obvious here.

That's not what happened, it was Google who started rejecting their updates on Play store. I believe the original Android app maintainer quit after that but there's a fork on F-droid which works perfectly.

graemep

fork that will work perfectly until year after next.

zamadatix

The $1.99/m is not for the up front work of fixing what sucks about current backups though, it's just bundling those fixes in with YACSS (Yet Another Cloud Storage Subscription) is the only way to get people to pay their "reasonable" recurring fee.

People here seem to want to answer the question of how to copy data most directly, but only because that's how the problem was phrased. I'm not convinced "users had no way to sync data on their phone" was/is a real problem worth paying for YACSS for in the first place.

godelski

Not to mention that this is a pretty good way to fund Signal. That's always been a challenge with Open Source projects as not enough people want to donate. On that note, a lot of companies will do donation matching and just saying, that's one way you could go about it if you feel inclined. For an app I use every day, I don't mind throwing them some beer money (and having work pitch in too). I get more utility out of it than my Spotify subscription

andrepd

Explicitly, from TFA:

> But secure backups aren’t the end of the road. The technology that underpins this initial version of secure backups will also serve as the foundation for more secure backup options in the near future. Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

autoexec

> Once you have it on disk, how do you get it away from your phone?

plug your phone into a computer? Install Termux and use one of the countless command line programs designed to transfer bits over a network?

codethief

I think GP was talking about how to transfer the backup 1) daily, 2) in an automated manner, and 3) reliably and in time (before, 48h later, Signal overrides the existing backup on your phone later with a new one).

This is not trivial when each backup archive is in the order of 20 GB.

whatevaa

On Linux KDE connect can mount your phone's filesystem as FUSE filesystem and then you can use desktop file explorer like dolphin. It's even integrated and automatically appears as an option. Quite convenient, I would say. Performance is pretty good too.

andrepd

Any Linux desktop can do that via MTP (Google doesn't allow access as mass storage anymore)

Dunedan

> There are a couple of problems with the existing backup:

>

> 1. It is non-incremental.

I wonder if that's different with the newly announced functionality. Their announcement doesn't sound like it:

> Once you’ve enabled secure backups, your device will automatically create a fresh secure backup archive every day, replacing the previous day’s archive.

stevenwalton

> Once you have it on disk, how do you get it away from your phone?

Since we're talking about Android, a great method is to just use Termux and rsync. You can write a pretty quick and dirty shell script to accomplish this. Here, I'll drop mine[0]. It's not the cleanest but it'll get the job done and has some documentation to it. It will check if you're on WiFi and connected to a specific SSID. You can change this around pretty easily to do different things like point at 2 servers, use Tailscale, give a white list of allowed SSIDs, change the rsync to have it delete from the local storage, or whatever. If you don't know how you can reply to this comment or open an issue and I'll respond[1].

Unfortunately this doesn't work on iPhone. I have a shortcut that will do something similar that I can share but that is a lot hackier...

[0] https://github.com/stevenwalton/.dotfiles/blob/master/script...

[1] Probably better. I'm normally logged into my alt account
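
The Wi-Fi-gated rsync flow described in the comment above, as an added example (it is not the script linked in that comment). It assumes Termux with the Termux:API package installed; `BACKUP_DIR`, `DEST`, `ALLOWED_SSIDS` and the timestamped `*.backup` file naming are assumptions or placeholders to adapt.

```shell
#!/bin/sh
# Added example: copy the newest Signal backup off the phone only when the
# phone is on an allow-listed Wi-Fi network.

# Assumed location of Signal's local backups; adjust to the folder you chose.
BACKUP_DIR="${BACKUP_DIR:-$HOME/storage/shared/Signal/Backups}"
# Placeholder destination (user@host:path); replace with your own server.
DEST="${DEST:-backup@homeserver.example:signal/}"
# Newline-separated allow-list of SSIDs (constructed default).
ALLOWED_SSIDS="${ALLOWED_SSIDS:-HomeNet}"

# Read termux-wifi-connectioninfo JSON on stdin and print the "ssid" value.
# The pattern requires a quote directly before and after ssid, so the
# "bssid" and "ssid_hidden" keys never match.
ssid_from_json() {
    sed -n 's/.*"ssid"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1
}

# Succeed only on an exact, whole-line match against the allow-list.
# An empty SSID (Wi-Fi off, parse failure) fails closed.
ssid_allowed() {
    [ -n "$1" ] && printf '%s\n' "$ALLOWED_SSIDS" | grep -Fxq -- "$1"
}

# Print the newest *.backup file in directory $1. Assumption: file names
# embed a sortable timestamp, so the last glob match is the newest.
newest_backup() (
    newest=""
    for f in "$1"/*.backup; do
        [ -f "$f" ] || continue
        newest="$f"
    done
    [ -n "$newest" ] && printf '%s\n' "$newest"
)

sync_backup() (
    ssid=$(termux-wifi-connectioninfo | ssid_from_json)
    if ! ssid_allowed "$ssid"; then
        echo "not on an allowed network; skipping" >&2
        exit 0
    fi
    file=$(newest_backup "$BACKUP_DIR") || {
        echo "no backup file in $BACKUP_DIR" >&2
        exit 1
    }
    # BatchMode: never prompt for a password from a scheduled job.
    # StrictHostKeyChecking=yes: refuse a server whose host key is unknown
    # or has changed, instead of silently trusting it.
    rsync -t --partial --timeout=60 \
        -e 'ssh -o BatchMode=yes -o StrictHostKeyChecking=yes' \
        -- "$file" "$DEST"
)

# Nothing runs unless asked to, so the functions can be sourced and tested.
if [ "${1:-}" = "--run" ]; then
    sync_backup
fi
```

Run it with `--run` from a scheduled Termux job; the host key must already be in `known_hosts` for the strict check to pass.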

aftbit

I would use scp under Termux to copy the backup away personally.

growse

Personally, I find that having to orchestrate and regularly schedule the exporting of that file off my device to somewhere else, and then look after it there to be not "free".

The new offering is reasonably priced imo.

_heimdall

Agreed. I prefer setting it up myself and have had Signal backing up to my home server for a few years now, but for most users an opt-in with a basic free tier and cheap enough paid plan makes a lot of sense.

Glad to see they're finding potential revenue streams that don't compromise their focus on privacy and security.

dcow

They even say they’re committed to offering BYO storage as the feature matures

tjoff

Yeah, didn't see it mentioned, I trust it will still be available?

halyconWays

I bet they'll phase it out and try to force their worse service, wherein your data is stored on their servers, like they tried to do with PINs. It took enormous pushback to get them to stop mandatory PINs, and even then they made it nagware for a year or two.

I didn't trust their rationale about PINs and remote attestation somehow meaning your data is secured by a small passphrase, just like I won't trust them to not remove a useful and existing feature I already rely on for backups.

Also not mentioned, they designed their existing backup solution to require reverse-engineered community solutions to actually access your data; I have to use a Github project to unencrypt the backup and export my chats, which is something I've never had to do with any other messenger.

codethief

While I understand (and share) your criticism, it does sound like they'll continue to support local backups:

https://news.ycombinator.com/item?id=45171576

https://news.ycombinator.com/item?id=45172188

jacooper

This trick never worked for me, the app just never restores this. People used to say the same about WhatsApp. Now both have direct migration features.

eviks

> If securely back up all* of your text messages and the last 45 days’ worth of media for free.

> If you want to back up your media history beyond 45 days, as well as your message history, we also offer a paid subscription plan for US$1.99 per month.

So after so many years of having a serious design flaw this poor substitute of a backup where you can't even save all your text for free is all they've managed to come up with?

> The reason we’re doing this is simple: media requires a lot of storage, and storing and transferring large amounts of data is expensive.

Easy fix: let the user choose his own local/cloud storage location?

dash2

I guess the reason WhatsApp lets you save all your text for free is they are making money off sucking up your data. I think ultimately this model will win, but I sympathise with Signal's approach.

amluto

Wow, maybe as a side effect users will be able to migrate between Android and iOS without losing their message history.

Seriously, why is the migration protocol completely different on the two platforms?

greysonp

Hi there, Signal dev here. The new backup format is indeed cross-platform. I've successfully restored backups on an iPhone, we're just stabilizing things :)

If you're curious, the reason that Android's current local backups aren't cross platform is because it was made a long time ago, and it's literally a dump of all the sqlite statements that can be used to recreate Android's sqlite database (encrypted with a strong, random, local key). So not the most portable!

But this new thing is all cross-platform, and in the near future we'll even be making our local backups cross-platform.

codethief

Hi Greyson!

> But this new thing is all cross-platform, and in the near future we'll even be making our local backups cross-platform.

This is excellent news! Will there also be official documentation on the backup format, potentially even official tooling like signalbackup-tools[0] to access/parse backups offline? I'm asking because, having used Signal/TextSecure for 10 years now, my backups are worth a lot to me (obviously) and there have been times when I would have liked to mine & process my backed-up data. (Extract media from conversations in an automated manner, build a more elaborate search, …)

My backups have also reached the point where they are so big (15-20 GB) that it's starting to become difficult to conduct a backup each day and sync it successfully before it gets overridden 48h later. So unless I start using the new "cloud backup" feature[1] (which I'm not sure I want to), at some point I will have to archive my existing Signal conversations somewhere and start from scratch (i.e. reset the app). In that case, it would be nice if there was an officially documented way to merge & read new and old backups offline (on my desktop), similar to what [0] provides right now.

[0]: https://github.com/bepaald/signalbackup-tools

[1]: EDIT: Actually, it seems like the new cloud backup feature doesn't support incremental backups, either? https://news.ycombinator.com/item?id=45175387

amatecha

Will you guys ever ship an update that allows me to use my Signal iOS install that had a partially-broken migration from an older device? I was able to receive/read messages, but couldn't send. I tried to re-register but now my client is completely broken and crashes when I enter the registration verification code I get via SMS.

oezi

Will the new backup format support also conversion of filetypes between Android and iOS? In the past Voice Memos from Android couldn't be opened on iOS if they weren't sent directly between participants.

Nathan2055

That's really surprising to me.

iOS has had pretty decent audio format support for a few years now: even though you can't directly import FLAC files to iTunes/Music, they are supported in the OS itself since 2017 and play fine both in Files and in Safari. The other big mainstream formats (WAV, AIFF, MP3, AAC, and ALAC) have been supported for years, and even Opus finally got picked up in 2021.

About the only non-niche audio format that isn't supported natively on Apple platforms at this point is Vorbis, which was fully superseded by Opus well over a decade ago. Even then, I believe it's possible to get Vorbis support in iOS apps using various media libraries, although I'm sure Apple frowns upon it.

I'd really love to know what's causing that incompatibility.

V__

Are there any plans to allow backups to a custom server or another folder?

andrepd

From tfa:

> But secure backups aren’t the end of the road. The technology that underpins this initial version of secure backups will also serve as the foundation for more secure backup options in the near future. Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

crystaln

This is mentioned as a future feature.

antris

> Seriously, why is the migration protocol completely different on the two platforms?

Because they don't want to make jumping to the competitor too easy.

cosmic_cheese

This is the result of differing storage implementations in the app between platforms and has nothing to do with the platform itself. Painless cross-platform migration is possible but simply wasn’t factored into the original design. IIRC WhatsApp also has this problem.

derefr

@Signal devs: any reason that the only two options for backup are now "locally" (flexible, but only solves for some use-cases) or "to Signal's special servers" (not flexible; might be legally impossible for many users to enable)?

Because it seems to me that, for much of Signal's (often paranoid) audience, they'd much rather use one of the backup/sync providers they've already verified trust of, than have to additionally trust some new backup service provider.

And it also seems to me that, now that Signal has the architecture to support this, it'd be pretty easy to add additional backup-sync providers.

E.g. in the codebase for the iOS Signal client, you could implement a provider that does incremental backup sync against iCloud (i.e. CloudKit for messages + iCloud Drive for attachments) — allowing the user to use their (perhaps already paid-tier) iCloud account storage.

Same with Android and Google Drive (though Google Drive doesn't have an equivalent to CloudKit, so this might be fiddly; to get good amortized write costs, you might have to e.g. buffer row-like writes in a local replication journal, and then flush them through bulk local key inserts in a locally-partial-fetch-cached set of LevelDB files, where the updated files in the set then get flushed as single whole-file overwrites to GDrive.)

---

Note that in all cases, Signal could/should still fully encrypt this data before pushing it to the provider; the backup wouldn't be expected to be "legible" to the user.

But where, with backups synced to Signal's servers, users need to trust that Signal's E2E backups encryption works perfectly to be able to believe that Signal themselves can't then have access to your backed-up data; it's much less scary to sync to literally any other provider, who won't specifically know that they've got chat data on their hands / won't have any potential to (perhaps after a bad acquisition by a PE firm) begin thinking of themselves as a "data company" who would love to have "chat data" as an asset.

jimkleiber

Perhaps they will?

> Our future plans include letting you save a secure backup archive to the location of your choosing

_aavaa_

A backup option has been missing for years. Future plans on this particular topic seem to take forever.

crtasm

It's been backing up to my SD card for years, I've not set up a script to transfer it off-device though.

nar001

I'm confused, what's stopping you from using one of the backup services you already have on the file after it's done? Since Signal would backup to a file in your phone? Couldn't you just point your service to it and automatically sync every day for example?

daveoc64

The existing backup feature on Android doesn't do an incremental backup.

I just ran a backup, and it was 850MB. So having my phone upload something of that size every day would be a bit annoying.

Most of the major cloud storage platforms don't offer sync on Android.

It's not really a good fit for how the filesystem is used by Android apps.

I currently only do a Signal backup every few months (when I remember), and manually upload it to OneDrive.

I'm not going to pay for their new service - I already pay for too many storage services.

hackmiester

Well, just to be clear, signal for iOS did not support ANY backup before this.

Silhouette

> Note that in all cases, Signal could/should still fully encrypt this data before pushing it to the provider; the backup wouldn't be expected to be "legible" to the user.

That seems like an unhelpful limitation for a lot of people. For me - and as far as I know literally everyone I communicate with using Signal - the reason to use it is the E2EE for the messages. Once we have the messages or media on our own devices we're fine with having control over them ourselves. By all means also provide an option to create a secured archive for those who want it. But as long as the data can only be read using a specific app on a specific device then whatever you're creating isn't really a backup for a lot of practical purposes.

varenc

Agree with the sentiment, but I can understand why they don't offer this. Rational or not, people will feel less safe if all their messages can just be easily exported to plaintext. A few scenarios where this might matter like the 'evil maid attack' where someone briefly has access to your unlocked phone.

But I just use this project to export my signal messages to plaintext: https://github.com/tbvdm/sigtop

I have it auto run periodically and it's great. Makes for easy full text searching of my message history.

Silhouette

> Rational or not, people will feel less safe if all their messages can just be easily exported to plaintext.

IMHO the point is that it's not rational. Signal is as vulnerable to the analogue hole as any other messaging platform that displays the messages on a phone screen. There was never any credible way to prevent someone who has received your message from keeping or passing on the information it contained. The idea is as unrealistic as the "disappearing message/photo" applications when confronted with any cheap phone or camera separate to the one showing that message/photo. Ultimately if you don't trust the recipient of your information to treat it as you would wish then your only choice is not to send them the information in the first place.

palata

Did you read the article?

elevation

I moved phones before Signal backups were available. My old phone has years of Signal chat and photo history. I can scroll through the conversations, but since I activated Signal on my new phone, my old phone will not let me export a backup any longer. Is there a safe sequence of operations to let me recover the data?

codethief

Couldn't you re-register your old phone temporarily, just for the purpose of taking the backup¹, and later re-register your current phone? (In fact, once your old phone is registered, turn on airplane mode, and you should be able to re-register your current phone right away without affecting your old phone and the backup you're making there.)

Alternatively, would it be an option to get a throwaway number you could register your old phone under?

Finally, once you have the backup, use something like https://github.com/bepaald/signalbackup-tools to merge your old phone's backup with your current phone's backup, and then reinstall Signal on your current phone from that merged backup. (Disclaimer: I have never actually done this before but signalbackup-tools has been around for a long time and the developer seems to be very responsive.)

¹) I'm talking about the traditional way of backing up Signal conversation data to an encrypted archive here, not the feature discussed in the OP.

georgeck

It would be really useful to have more client-side control over media storage. That way, I could better manage storage growth without wiping entire threads.

For example, being able to see all media across chats, sort by file size, and optionally group by conversation would make it much easier to clean things up.

sir_brickalot

To your point: What I am missing with Signal:

Choice to always store media locally on the phone.

What I miss with most messenger apps: Archiving old stuff and offload it to a remote device.

Right now Signal is 8GB in size and doesn't stop growing.

chimeracoder

> It would be really useful to have more client-side control over media storage. That way, I could better manage storage growth without wiping entire threads.

> For example, being able to see all media across chats, sort by file size, and optionally group by conversation would make it much easier to clean things up.

I have good news for you: this already exists.

On Android:

Settings >> Data and Storage >> Manage Storage >> Review Storage

This allows you to view all of your media, files, and audio across all chats, sorted by the amount of storage used. You can also delete those files individually without affecting the rest of the chat.

You can also do the same thing within a conversation.

mfsch

The issue I have with this is that it deletes the whole message, not just the media. In WhatsApp, you can delete media from the images/video folders and the messages remain in the conversation, they even still have the blurry preview iirc. In Signal, you end up with gaps in your history instead.

georgeck

Thanks, that’s helpful.

I’m also hoping similar media management options are available on iOS and desktop, since I use Signal across devices.

By the way, does Signal treat synced devices (like desktop or a second phone) as “replicas” vs a “primary”? If so, does this affect how storage or message history is handled between them?

Would appreciate any insight from folks familiar with the technical side of this!

wpollock

On my Samsung: Settings >> Device Care >> Storage

codethief

I think you're talking about Android settings, though, not Signal settings?

ThePowerOfFuet

Does that give you per-attachment insight?

b8

Since phones have a lot of storage, then why not constantly backup locally and overwrite it for newer versions (opt in of course)? Signal already has large operating cost, so a cloud backup with the very low subscription cost is concerning. It would help Signal to get rid of sms registration and move to something less costly.

gardnr

I am happy to see Signal charging for premium features.

From a product perspective, being able to switch between two iOS devices without a 3rd iOS device shouldn’t be a premium feature.

Please consider enabling local backup and restore for a single Signal instance on iOS.

palata

> being able to switch between two iOS devices without a 3rd iOS device

I have moved Signal from an iOS device to a new iOS device multiple times. Why do you need a 3rd one?

kelnos

I don't get this. The local-only backup option is already encrypted. Why can't they include an option for me to upload it somewhere of my choosing, like Google Drive, or even using Android's built-in backup system, so I can do it for free (my current backup file is well over a GB)? I already donate $5/mo to Signal Foundation; building a paid-only backup solution gives me a bad taste.

I even wrote a small Android app to do GDrive uploads of the encrypted backup file, watching the local backup directory for new files. (It broke with an Android version update and I haven't gotten around to fixing it.)

palata

Kind of answered by a Signal dev here: https://news.ycombinator.com/item?id=45171576

The existing local-only option is legacy. I guess they haven't built on top of it because of that. The new option is better, and they say in the article that it should offer an option to do exactly what you ask for.

itscrush

Monetize first is their strategy given this included statement:

> Our future plans include letting you save a secure backup archive to the location of your choosing