Just How SECURE is Keychain?

[lugesm]

I have used my iMac for about 9 months now, and I have never saved a password in Keychain, for fear that it might not be a really secure place to store such vital items.

Question: Is it possible for a hacker to break into my computer and open the Keychain utility and retrieve my passwords and other data?

If this question has been answered elsewhere, please advise; but I have not been able to resolve the question.

Thanks,
L

 

[mrwizardno2]

Keychain, to me, seems pretty secure. I create separate keychains for different apps. Safari gets its own, which is set to lockout after a few moments of inactivity - and with a different password than my login keychain. I think this helps keep it more secure because it makes me stop and wonder each time why a particular site is asking for anything from within it.

It's all encrypted - and I trust it more than the "feature" in Firefox to remember passwords. At least the applications have to request access before they're allowed to decrypt any of your data stored inside.

You can set each keychain to allow only whatever application you want to access it. Like my Adium chain is only accessible to Adium. If another app were to try to read it, I'd be very suspicious of what it was doing.

Now, technically - I can't answer how securely encrypted it is or any of that. But based on perception of my use of it, it is quite handy and makes me feel as if it is safe enough to entrust my password to MacRumors

 

[AdeFowler]

Assuming that your Keychain is password protected (which it is by default), it's as safe as anywhere else on a computer to keep sensitive information. You can change the default Keychain from 'login' by creating a new Keychain and making it the default. You can then give this its own password.