Apple deliberately weakens Backup Encryption For iOS 10. It’s possible for an attacker to brute force the password for a user’s local backup 2,500 faster than was possible on iOS 9, using a computer with an Intel Core i5 CPU (with 6 million passwords per second) With iOS 10, a hacker only requires to try a single password once and brute force to find a match and crack the account login, making the entire process substantially less time consuming. An obvious limitation to this attack is that it can’t be performed remotely.
Source: https://thehackernews.com/2016/09/apple-ios10-encryption.html