Keychain is password management system in OS X developed by Apple. It was introduced with Mac OS 8.6, and has been included in all subsequent versions of Mac OS, including OS X. The Keychain Access application is located in /Applications/Utilities folder.
It stores a wide variety of items ? including passwords for email, websites, servers, network shares, Wi-Fi networks, and encrypted disk images. Additionally, it can store secure notes, private keys, and certificates.
The contents of these various keychain files are combined into Keychain Access. The Mac places These keychain files in multiple locations:
Launch KeychainAccess.app, and you?ll see that the window is divided into three panes.
The top-left pane lists keychains accessible to you. Below this is the Category pane. Here you can choose to view specific kinds of things stored in the keychain ? passwords, secure notes, certificates associated with account, encryption keys, and certificates used broadly by Mac. The largest pane, to the right, displays the contents of selected category items ? for example, all of the items that have a password associated with them.
To recover forgotten passwords do the following:
- Open KeychainAccess.app;
- Select All items or Passwords in the category pane;
- Find the item;
- Double click on this item;
- Enable the Show Password option;
- Enter the password for the login Keychain and click on allow;
- Password will be in the password field.
Double-click a keychain item to locate the Show Password option.
Also, there is a possibility to recover forgotten passwords from websites in Safari:
- Launch Safari;
- Open Preferences pane, Safari > Preferences;
- Click on Passwords tab;
- Click on Show Passwords option;
- Enter login password when promted;
- The password will be displayed on the right side of this window.
Change the login keychain?s password
By default, the login password used for the account is additionally assigned to the login keychain, where new passwords are stored by default. So you can simply enter the password you use with the account to uncover a keychain item?s secrets.
- Open KeychainAccess.app;
- Select login keychain;
- In the top menu bar choose Edit;
- Then select Change Password for Keychain login;
- Enter current password (the one you now use for user account);
- Enter and verify a new password;
- Log out of account;
- Log in again.
Auto-lock the keychain
You can add a level of security that auto-locks keychain.
- Open KeychainAccess.app;
- Choose Edit;
- In the drop-down menu choose Change settings for Keychain login;
- Choose one of two options to lock your keychian:
- Lock after ?_? minutes;
- Lock when sleeping;
5. Click Save to implement the selected options.
If you choose the first option and configure it to read something like 5 minutes, keychain will lock if it hasn?t been accessed in the last five minutes. If an application needs access to keychain after that limit has expired, you?ll be prompted for login keychain password.
If you enable the second option, keychain will be locked when Mac goes to sleep (when you close MacBook?s lid, for example).
If you forget your keychain password
You?ve changed the login keychain?s password and, regrettably, forgotten the new password. Is there any hope? Regrettably, no. Apple uses the Triple Digital Encryption Security standard (3DES) to secure the keychain. Unless you can recall password, you?re out of luck and must start over. To begin that process, we?ll make a copy of the old keychain for safekeeping, in case you remember its password; we?ll remove it from Keychain Access, and then we?ll create a new login keychain that you?ll use in the future.
- Open Finder (click on free space on the desktop or launch it from Dock)
- In the top menu bar select GO -> Go to folder;
- And enter ~/Library/Keychains;
- Locate the login.keychain file and drag it to a safe place on the Mac (the Documents or the Desktop folder, for example);
- Launch KeychainAccess.app;
- Select the login item that appears in the Keychains pane (It should appear as an empty box, indicating that it?s missing from the Keychains folder);
- From the top menu bar choose File -> Keychain ?login?;
- In the sheet that appears, click Delete References;
- After that choose in the top menu bar, File -> New Keychain;
- In the resulting Save dialog box, name the new keychain login and save it to the default location (which is account?s Keychains folder);
- You?ll be prompted to create and verify a password for this keychain. (Be sure to choose a password that you?ll remember this time).
From this point forward, passwords that you add will appear in this keychain. And, yes, you?ll have to reenter any passwords stored in the old keychain when prompted.
Share login keychain
If you have multiple Macs, each one has its own login keychain with its own set of passwords. User can share the most complete set of passwords on other Macs to unify them.
- In Finder select Go -> Go to folder
- Navigate to ~/Library/Keychains;
- Make a copy of the login.keychain file inside the Keychains folder on the Mac that has the most complete set of passwords(we will name this Mac as a master Mac);
- Remove the login.keychain file from each Mac?s Keychains folders and put it in a safe place in case something goes wrong;
- Place the copied login keychain file within the user?s Keychains folder;
- Log out and log back in;
- If login password on the Mac you?re currently using is different than the one on this master Mac, you?ll be promted for the login keychain?s password;
- Once you enter it, you should have access to the same passwords as that master Mac.
Keychain First Aid
If keychain access password doesn?t function correctly then launch Keychain First Aid from the Keychain Access Menu (Option-Command-A). You?ll be asked for user name and password.
Tap Verify and the utility will take a look and make you aware of any problems found.
Choose Repair and the problems will be addressed.
If First Aid is unable to repair Keychain problem then you may need to reset Keychain.
- Launch the KeychainAccess.app;
- Choose Preferences from the Keychain Access menu;
- In the General tab, click Reset My Default Keychain;
- You will be asked to log in with the Mac account password;
- Enter a new Keychain password and restart Mac.