I’m going to go out on a very short limb here and suggest that most of the issues you’re encountering, especially the lack of authentication information not being consistently retained in a restore, have to do with a) security and b) privacy.

The black market for iPhones is still hot and most people, as you’ve demonstrated, don’t encrypt their phones, nor their backups, if they backup at all. Fundamental data security and information hygiene are still areas of great mystery and consternation for most users.

For example, I went into an authorized Mac retailer here on Maui (I’m here for the month) to send my MacBook Pro away to get the keyboard replaced (yes, it qualified for the recall and I couldn’t stand ttyping double tt’s and not having a reliable Shift key anymore) and had two experiences that demonstrated how rough it is to maintain your digital security, even with a company (or one of its authorized resellers) like Apple that makes privacy and infosec key among its differentiators:

1. Upon handing over my laptop, the staff member asked me for my account password. I shot back a look at him, offended: “do you mean a hardware firmware password?” He was like, “Uh, no like when you start up the computer and you type your password.” “You mean my Apple account password?” I was starting to second guess my decision. “Here, I’ll show you. Just start up your computer.” I did, and turned it around to show him the macOS login screen, asking for my account password. “Yeah, that one.” Hell no, I thought. “Um, I don’t think so. Why would you need my password?” “To run diagnostics.” “I’m sorry, that makes no sense.” At this point, the tech looked over to the other staff member, flabbergasted. “Can we do the service if we don’t have his password?” “Yeah, it’s fine. We can just use the web bootloader.” The first tech turned back to me, with a “sorry about that” look. I shut down my computer, closed the lid, and handed it over. “Everyone always gives us their password.”
2. While this scenario was unfolding, a woman walked in behind me. As the tech started the intake process with me, he peered over my shoulder to ask what she needed. Hurriedly she pleaded to start charging her phone because her mom had called in and she was coming in now to follow up and her phone was dead so she thought she should start charging it so there’d be a charge when he could finally help her and she had put in her password too many times when she was setting up her phone but she had forgotten what it was so she was just guessing but now her phone was locked and said she had to call iCloud and… The tech cut her off before she got into the rest of her life story. “No it’s ok. We’ll charge it when I’m done with this gentleman,” motioning to me. “Ok,” she replied, “it’s just that I’m on Verizon, and I’m not sure my password, and my mom called you guys already, y’know?” “I’ll be with you shortly.”

She clearly had bricked her phone, or at least locked herself out, but what difference is there if she needed some remote God in the iCloud to unlock it for her, for being naughty and incorrectly guessing her password one too many times? Of course, the very personal data that will be required to unlock her account or reset her password is probably the same information that’s ended up in some data breach somewhere. And so in reality, her account is probably more accessible to some bad actor on the dark web than it is to her. And this is presuming that she hasn’t encrypted her phone because if she has, she’s likely going to need a lot more help than this tech can provide.

So all this is to say: yes, I agree with you that the phone transfer and restore process could, in theory, be so much smoother… but then I’m sure the web would also feel so much more innocent and joyful if we could just return to the days where you could sign in to every website using the same username and the password pair, and nothing bad ever happened. But, we now live in a world where the ease of use you crave is oftentimes exactly at odds with the obfuscation and cryptographic math that is necessary to keep us all safe. So in those moments of friction and inconvenience, just remember that when it’s easier for you to access your own data, that may also mean it’s easier for others too.

/hastily written on my iPhone