Keychain Access on Mavericks

Discussion in 'OS X Mavericks (10.9)' started by chartselle, Oct 30, 2013.

  1. chartselle macrumors newbie

    Oct 30, 2013
    Please bear with me, because I am not much of a tech person like most of you here. I just don't have the time to go to have my computer checked out by anyone for a while, so I thought I might give this a shot. That being said:
    Different messages keep popping onto my computer screen and I always have to re-enter passwords for keychain. I'm not just talking about the server password with Mail, but things like:
    Mail wants to use the "login" keychain.
    Keychain Access wants to use the "login" keychain.
    I've had similar things with iMessage, which acts as if things are sending, but when I ask people, they are not sending.
    I don't even think there is a complicated issue here, I simply do not know how to make it so that Keychain works automatically without me having to type in passwords into these pop-ups all the time. Thanks!
  2. Mr Rabbit macrumors 6502a

    Mr Rabbit

    May 13, 2013
    It sounds like your keychain is not unlocking when you log in. Out of the box Mac OS X is configured to sync the keychain password with your login password, the same one you use to install software updates and/or new applications, meaning if your login password is ABC123 then your keychain password will also be ABC123. This is done to avoid the situation you're in now, when both passwords are the same keychain unlocks when you login to your Mac using your password. This can be completely transparent as well if you use auto login, where you power on your Mac and it boots to your desktop without ever asking for a password.

    So, why has this happened? Typically when I've seen the login.keychain password go out of sync with your user password it has been a result of a password reset or password change outside of the normal process.

    Let's say you forgot your password, after a while you found that you could reset it using the installation media/volume that came with your Mac. Once you reset the password you're able to login, however that reset only affected your user password, it didn't touch your login.keychain password. This is a security feature. If one was able to reset someone's password, and in the process reset the keychain password, then they would be able to both login to the user and access all of the user's passwords and other secure items stored in the keychain. By not allowing a reset of the keychain password the intruder can access your user account but all of your passwords and secure items in keychain are still locked away under heavy encryption.

    How do we fix it?
    • Start by opening Keychain Access, located in /Applications/Utilities.
    • There will be a padlock in the upper left corner of Keychain Access, if it is unlocked click it to lock it. Then click it to unlock it, you should be prompted to enter the login.keychain password. Try your current password and any other passwords you can recall. Also try leaving it blank (your password is nothing basically). If one works be sure to make a note of it and move on.
    • Assuming you found a password that works, click on the Edit menu and choose "Change password for login.keychain"
    • You will be prompted to enter the current password (the one you just discovered) along with the desired password. The desired password, to avoid having to enter different passwords each time, should be the same as your user account. You can ensure this by opening System Preferences/Accounts & Users and using the same padlock in the lower left corner to test passwords.
    • Once the password is updated you can ensure it stays in sync (unless you forget your password and reset it elsewhere) by clicking on Keychain Access and selecting Preferences, then clicking on First Aid and ensuring "Synchronize login keychain with account"

    Lets say the login.keychain password already appears to be the same as your user password, the keychain could be damaged. You can run Keychain First Aid on it from the Keychain Access menu. This will verify it and attempt to repair it if needed.

    If that doesn't work, you couldn't determine your keychain password or whatnot, you can start fresh with a new login keychain. You'll lose any saved passwords (Mail, wireless networks, Safari saved items, etc) in the process but you can rebuild them by clicking "Save in keychain" whenever you have to fill in a password. To start a new login.keychain you can change the the name of your existing login.keychain to something like "old-login.keychain", which will preserve it in case you later remember the password. If you don't care about preserving it then you can send it to the trash. The login.keychain can be found in ~/Library/Keychains, where ~ is your username. A quick way to find this on newer Macs is to click on Finder, click on the "Go" menu and choose "Go to Folder", then paste in (without quotes) "~/Library/Keychains".

    Long winded, I know, but hopefully that helps out!
  3. paua macrumors newbie

    Nov 11, 2011
    Keychain Access

    Long winded Mr Rabbit but thorough and much appreciated. The repeated request for passwords is a problem for me using Mavericks (after a clean install) in spite of consistently keeping the identical keychain and system log-in. I went through your steps and changed both, rebooted, using the keychain first aid, and still no go. I reinstalled Mavericks and no change. Any suggestions gratefully received!
  4. michaelsviews macrumors 65816

    Sep 25, 2007
    New England
    Did you do a full erase first and then a reinstall? If you did that should have started you back at square one.
  5. st3v0 macrumors newbie

    Sep 4, 2012
    Keychain password requests

    I had the same issue. Tried numerous things to no avail. Eventually found that:
    1) Open Keychain Access
    2) Select Login keychain
    3) From the Edit menu select "Change Settings for Keychain Login"
    4) Make sure "Lock after inactivate" is not checked.

    I have only just done this myself but it seems to be working. Fingers crossed. But make sure you can actually write to Keychain. Change your password in Mail or something and check it gets written to the keychain item. I had permission issues too.

Share This Page