Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

job2

macrumors newbie
Original poster
May 30, 2010
28
0
Does backing up the 'Keychains' folder in Library include your iCloud Keychain as well? Are iCloud-saved passwords, secure notes, etc. included in 'login.keychain'?
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,262
15,878
California
If you run this command in Terminal is will show you the hardware UUID for your Mac. Then look in that keychains folder and if you have iCloud Keychain turned on there will be a folder there that matches that UUID. Inside that folder is the database for the iCloud Keychain. If you are backing up that keychains folder, it would include the iCloud database files.

Code:
system_profiler SPHardwareDataType | grep 'Hardware UUID' | awk '{print $3}'

The passwords saved in the iCloud Keychain are shown in the Local Items keychain section of the Keychain application and are not duplicated in the login keychain. Notes are part of the login keychain though.
 
  • Like
Reactions: CoastalOR

job2

macrumors newbie
Original poster
May 30, 2010
28
0
If you run this command in Terminal is will show you the hardware UUID for your Mac. Then look in that keychains folder and if you have iCloud Keychain turned on there will be a folder there that matches that UUID. Inside that folder is the database for the iCloud Keychain. If you are backing up that keychains folder, it would include the iCloud database files.

Code:
system_profiler SPHardwareDataType | grep 'Hardware UUID' | awk '{print $3}'

The passwords saved in the iCloud Keychain are shown in the Local Items keychain section of the Keychain application and are not duplicated in the login keychain. Notes are part of the login keychain though.
Thank you for your answer.

So there is a folder in the Keychains that matches my UUID with four files: keychain-2.db, keychain-2.db-shm, keychain-2.db-wal, and user.kb. You mean my iCloud-saved passwords are in those?

Also, I don't have a Local Items section in Keychain; only login, iCloud, System, and System Roots. Passwords saved in iCloud are only visible in the iCloud keychain.
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,262
15,878
California
So there is a folder in the Keychains that matches my UUID with four files: keychain-2.db, keychain-2.db-shm, keychain-2.db-wal, and user.kb. You mean my iCloud-saved passwords are in those?

Yes... exactly.

Also, I don't have a Local Items section in Keychain; only login, iCloud, System, and System Roots. Passwords saved in iCloud are only visible in the iCloud keychain.

I am on El Capitan and the iCloud keychain is called Local Items. I believe on earlier versions of OS X it was called iCloud like you are seeing on yours. I can't recall which OS X version this change happened.
 

job2

macrumors newbie
Original poster
May 30, 2010
28
0
Yes... exactly.



I am on El Capitan and the iCloud keychain is called Local Items. I believe on earlier versions of OS X it was called iCloud like you are seeing on yours. I can't recall which OS X version this change happened.
Hmm, I'm not really sure that's the case. Here's what I just did:

1. Turned off iCloud Keychain on my Mac (running El Capitan), which replaced the iCloud section in Keychain with Local Items. Gone were all my Safari passwords, and the only ones that remained were some application passwords.

2. Re-enabled iCloud Keychain on my Mac. Local Items once again became iCloud and my Safari passwords appeared, along with previously mentioned application passwords.

Also, the files in the "UUID folder" didn't get deleted when i disabled iCloud Keychain…
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,262
15,878
California
Hmmm... odd. Something must have happened when I updated to El Capitan then because I know mine was called iCloud before and I did and still do have iCloud Keychain turned on and it is now Local Keychain.

I just turned iCloud keychain off then back on and it renamed it back to iCloud in keychain like it used to be.

When you disable iCloud keychain you get an option to delete the passwords from the Mac. I did not try it, but I assume if you said to remove them the contents of that UUID folder would be removed.
 

job2

macrumors newbie
Original poster
May 30, 2010
28
0
Hmmm... odd. Something must have happened when I updated to El Capitan then because I know mine was called iCloud before and I did and still do have iCloud Keychain turned on and it is now Local Keychain.

I just turned iCloud keychain off then back on and it renamed it back to iCloud in keychain like it used to be.

When you disable iCloud keychain you get an option to delete the passwords from the Mac. I did not try it, but I assume if you said to remove them the contents of that UUID folder would be removed.
Ah, glad that's sorted out :)

Actually, that didn't happen. I chose to delete the passwords from my Mac, and the contents of the UUID folder remained intact. So my guess is that it's one huge database residing in the files in the Keychains folder, i.e. everything in the login section, System section, etc. So no iCloud-specific files?
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,262
15,878
California
Ah, glad that's sorted out :)

Actually, that didn't happen. I chose to delete the passwords from my Mac, and the contents of the UUID folder remained intact. So my guess is that it's one huge database residing in the files in the Keychains folder, i.e. everything in the login section, System section, etc. So no iCloud-specific files?
No they are definitely separate and that UUID one is the iCloud keychain. If you open Finder and note the modified date/time of both then make changes to both keychains you can tell.
 

job2

macrumors newbie
Original poster
May 30, 2010
28
0
No they are definitely separate and that UUID one is the iCloud keychain. If you open Finder and note the modified date/time of both then make changes to both keychains you can tell.
In that case it's strange that the contents of that folder weren't deleted when I disabled iCloud Keychain and chose to delete the passwords from my Mac. Because they were indeed gone from Keychain. Edit: But left was some application passwords, now in Local Items. So the content of the files must've gotten trimmed to reflect the new number of items in the keychain — a keychain that the iCloud and Local Items section share.

Either way, I guess all is good as long as I have a backup of my Keychains folder :)
 
Last edited:

DavidRCrowe

macrumors newbie
May 3, 2011
3
0
It's nice to know where the icloud keychain is. The login keychain can be accessed with the Terminal "Security" command line application. Is there any way to access the icloud keychain from the terminal?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.