Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Keychain - should the login keychain be unlocked?

B

bulldoze

macrumors regular
Original poster
Mar 15, 2011
229
51
I have google searched this but cannot find an answer. I was looking at the Keychain Access this afternoon and noticed that the login keychain was unlocked. I locked it but then could not view webpages unless I unlocked it again - is this usual behaviour or have I messed up the keychain somehow?

Thanks.
 
bulldoze said:
I have google searched this but cannot find an answer. I was looking at the Keychain Access this afternoon and noticed that the login keychain was unlocked. I locked it but then could not view webpages unless I unlocked it again - is this usual behaviour or have I messed up the keychain somehow?

Thanks.
Click to expand...


The login keychain locks itself whenever you log out of your account. Whenever you're logged in, it should be unlocked.

Or at least this is how I believe it works - I've written an extensive paper on iOS security and am inferring how the Mac handles things based on that. It would be the most logical answer however. Unlocked doesn't mean anything can access everything in your keychain. Locked however means nothing can without you entering the admin password.
 
  • Like
Reactions: Weaselboy, bulldoze and Goatllama
casperes1996 said:
The login keychain locks itself whenever you log out of your account. Whenever you're logged in, it should be unlocked.

Or at least this is how I believe it works - I've written an extensive paper on iOS security and am inferring how the Mac handles things based on that. It would be the most logical answer however. Unlocked doesn't mean anything can access everything in your keychain. Locked however means nothing can without you entering the admin password.
Click to expand...
Excellent! I know I'm not the OP, but I've had this question for a while as well, just never cared enough to look too far into it.
 
Goatllama said:
Excellent! I know I'm not the OP, but I've had this question for a while as well, just never cared enough to look too far into it.
Click to expand...

Well, glad to help :). For further reading if anyone is interested, I would first recommend looking into what is called private-public key cryptography. It's used almost everywhere today.
Then after that, Apple has a lot of documentation on how their security works explaining their various key levels and whatnot. It's all brillant stuff and sometimes it literally sounds like it's a spy film or something.
 
  • Like
Reactions: Goatllama
The login keychain is indeed unlocked by default and it matches the account password. It is possible to change this behaviour, but not recommended for the reasons given.
 
  • Like
Reactions: bulldoze and Goatllama
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back