I fell for it again and thought, I'll just enable the encryption of iPad backups. Pretty stupid. I should have been warned by the debacles with the encrypted home directory. But of course, I did it again. Everything worked fine until today when the backup mess happened - it got stuck in the first step and just wouldn't proceed. Possibly corrupt backup files on the Mac. Ok, the standard procedure is to simply delete the backup in the settings under devices and create a new one. But that doesn't work if you have encryption enabled - it complains, naturally only after all the steps have been completed, that it can't make backups because no session with the iPad can be started. Huh?
And of course, I can't reset the password - it always claims it's wrong (even before I deleted the backup). My suspicion: the password is checked against the backup and if there isn't one, or it's defective, you can't perform a successful check. Resetting the password doesn't work, creating new backups doesn't work, and making iTunes forget the iPad also doesn't work. Before someone thinks they need to tell me I don't know the password: iTunes saves the password in the keychain if requested and yes, the password is the one I enter. And yes, that is definitely the correct one - the device identifier is saved as the account name with the password. And no, this exact password is of course not accepted...
Solution according to Apple? Completely reset the iPad and set it up again. Great, fantastic idea. Sure, many of the data I have are on my Mac, but over time, data have also been added that are not on the Mac. And I would like to transfer those somehow.
By the way, normal backups and restores work - and with unencrypted backups, you can also create a new one if the backups are corrupted. But not if you have encryption enabled.
Frankly, this renewed experience with Apple's inability to build reasonably stable encryption solutions makes me rather skeptical about their full-disk encryption in the upcoming 10.7...
Update: after a few experiments (tested on another computer, iPad backup reconstructed from the TimeMachine backup and tried with it) I suspect the password is also noted on the device - and this note seems to be corruptible. Because even on another device, the definitely correct password is rejected as wrong, and another device also insists on making an encrypted backup (which makes sense, otherwise you could trivially get the data via a backup on another device). The problem is not that it protects itself against manipulation - the problem is that this crap can break and without any external signs - the backups have always worked fine so far, they are just suddenly worthless now (just like the data on the device).