"Back up my data" option in Android means sending a lot of private information, including passwords, in plaintext to Google
The "Back up my data" option in Android is very convenient. However it means sending a lot of private information, including passwords, in plaintext to Google. This information is vulnerable to government requests for data.
You could implement this the same way Chrome's sync feature is implemented, with two options:
* Encrypt synced passwords with your Google credentials
* Encrypt all synced data with your own sync passphrase
Since backup and restore is such a useful feature, and since it's turned on by default, it's likely that the vast majority of Android users are syncing this data with their Google accounts. Because Android is so popular, it's likely that Google has plaintext wifi passwords for the majority of password-protected wifi networks in the world.
Google's blog about wifi security (http://googleblog.blogspot.com/2013/06/securing-your-wifi-network.html), says this about wifi passwords:
"To secure your network with WPA2, you’ll need to create a password. It’s important that you choose a unique password, with a long mix of numbers, letters and symbols so others can’t easily guess it. If you’re in a private space such as your home, it’s OK to write this password down so you can remember it, and keep it somewhere safe so you don’t lose it. You might also need it handy in case your friends come to visit and want to connect to the Internet via your network. Just like you wouldn’t give a stranger a key to your house, you should only give your WiFi password to people you trust."
While using Android requires a certain amount of trusting Google, I don't think it's rational to expect users to trust Google with their plaintext passwords when Google can be compelled to give this data to the US government when they request it.