Keychain Access – Mac’s built-in Password Manager

Almost every website or service that we use requires a password. While passwords are crucial to enhance the security of your information, remembering all of them can be difficult.

The amount of passwords that we need to use is overwhelming, but writing them down on post-its, or notebooks would leave confidential information exposed. That is why many people have opted for password managers, a practical solution that allows you to store passwords for multiple applications.

Keychain Access for macOS

Mac users can keep their passwords handy and secure thanks to Keychain Access, a built-in password manager that allows you to manage the login credentials stored automatically by your computer.

Keychain appeared with macOS 8.6 and to access the tool all you need to do is to go to Applications, select Utilities and then Keychain Access.

Apart from saving login details such as the ones used to connect to your Wi-Fi, Keychain Access is also a good solution to store notes and keep them private with password protection.

In order to create a secure, private note, you can select Secure Notes and then choose the plus sign to add a new note. Keychain lets you save email addresses, server details, URLs, and much more.

Keychain files are stored in a variety of locations but you don ‘t need to memorize them because the content of these files can be found easily within Keychain Access.

When you launch Keychain Access you will notice that the window is split into three parts. The top-left part displays keychains that are available to you. The section that appears below the list of keychains is Category and it allows you to see specific types of keychains stored including secure notes, certificates and passwords.

The section that takes most of the Keychain Access window shows the contents of category items like all the applications that require a password. If you double-click on any of these items (except certificates), a window will be opened and it will show you the item’s attributes including name, associated accounts, and location. You will also be able to see the services and programs that can access that specific item.

Keychain Login Password

When you create a user account the password used for it is also assigned to the login keychain, which is where new passwords are stored by default.

The main security issue with the Keychain Access system is that all that is needed to reveal the private data stored in a keychain is your account’s password. That means that if it falls into the wrong hands all the items in this keychain can be accessed and your passwords will be compromised.

The best option is to change the logon keychain password regularly by following the steps below:

  1. Select the login keychain in Keychain Access and then Edit, followed by Change Password for Keychain login.
  2. You will be asked to enter the user account password that you are currently using. Then you can create and confirm your new password.
  3. Log out of your account and then log back in using the new password. Whenever one of the passwords stored in the login Keychain is required, you will be asked to enter your account password. If you remain logged in, you would not need to enter the password again.

How to recover passwords with Keychain Access

Keychain Access can be useful in many situations including password recovery. You can get back a password that you can’t remember by selecting All Items or Passwords in the Category section in the Keychain Access.

There you can select the application you want to recover the password for and double click it. This will open a new window where you can enable Show Password. Keep in mind that in order to access this information, you will be asked to enter the password for keychain. Then you can click Allow and you will be able to see the required password in the Password field.

Recovering the password for a website is even easier if you are running Safari on Mountain Lion (OS X 10.8) or above and all you will need to do is to follow these steps:

  1. Open Preferences in Safari and select the Passwords tab. You will be able to see a list of all the websites for which you have saved passwords in Safari.
  2. Before you can enable the Show Passwords option, you will be asked to enter your login password. The passwords will be listed next to each website.
  3. If you wish to remove the password for a website, you can choose the site and click Remove. To remove all saved passwords, simple click Remove All.

Keep in mind that just because an application relies on a keychain, that doesn’t mean that all the passwords within it are automatically secure. It is advisable that you regularly check the access list of every item of your keychain file to make sure that access is only granted for the necessary applications.

Leave a Reply