Latest in Forms

Image credit:

Mac 101: Keychain


The Keychain on your Mac is a little application buried in the Utilities folder in your Applications folder. I say buried because I think Keychain is sadly neglected by most users. Here are some things you can do with it:

  • Save web page passwords
  • Save login info (aside from websites, like your IM logins)
  • Save protected notes (secret stuff)

This 101 will be a little longer than usual, so I can show you how to use Keychain to store passwords and other secret things. Later, in our Secure Your Mac series, we'll talk about making a good password so all these things stay private. Full details on how to easily use Keychain after the jump.

Step One, Saving Passwords:
Let's make sure you are saving passwords into Keychain. Go to Safari, click the word Safari (drops down a menu), go to Preferences, then click on AutoFill. Make sure 'User names and passwords' is selected. This will tell your Mac to save all those name/password combos in Keychain. Note that Firefox, one of the more popular browser alternatives, stores passwords in its own password manager though Camino, a TUAW favorite, does share Safari Keychain entries. Not everything uses Keychain, but most everything does, and we're assuming you're just using more of what Apple gives you.

Step Two, Locating Saved Passwords:
mac os keychainAssuming you have actually gone to a website, entered in a username/password, and allowed Safari to save it (it'll ask if you want to save, which is nice) you may now open Keychain, located in the Utilities folder in your Applications folder.

See the category list? Kinda like playlists in iTunes, those are all the "things" Keychain can save for you. The Passwords can be opened up to reveal AppleShare, Application, and Internet.

AppleShare is for connecting to network drives, Application passwords are for things like AIM (that is, an application on your machine that needs to log in somewhere in order to work), and Internet is for all those web form passwords.

Of course, you can stay on All Items and just search in the upper-right corner of Keychain!

Point is, when you want to find your lost password, you can go here. You'll need to type your "admin password" which is the password you probably use to log in to your machine. NOTE: If you are not the "administrator" or your login doesn't work to open stuff up, ask whoever set up your machine-- they probably locked it down for good reason.

Step Three, Seeing the Passwords:
Looking in the large area to the right of the Categories you'll find all your saved stuff. The little blue @ sign is a web form password (like you might use to log in to Amazon or something). If you double-click one of these items, you'll see a window open with info, and at the bottom there's a little checkbox with "Show password" and a blank field next to it. Click that checkbox and yet another box opens. This is where you'll need that admin password (if you set up your own machine it'll be whatever you set your login password to be). You then check either Allow Once (safest) or Always Allow (less safe, because anyone can come behind you and re-open and see the password, but they still have to have your machine in their hands). Either one will then reveal the password for that account.


Tips and a gotcha

Let's say you have something that needs to be private, but you don't know where to save it. Maybe the PIN to your phone's voicemail. Well, in Keychain, go to File > New Secure Note Item... and bingo, a locked-down snippet of info in Keychain is yours. To see the data, you'll have to enter that admin password again. There's also a Notepad Widget for your Dashboad that'll make this a little faster.

Most of the time the Keychain is something you just "set and forget" but for those random times you need to get something you forgot, don't be afraid! If you have a .Mac account, you should also start backing up your Keychain data too, but we're hoping Leopard will automate this process as well with Time Machine. Until then, Apple has a way for you to back up your Keychain data without using a .Mac account.

The "gotcha" to all this? Well, if you forget or lose or never knew your admin password you won't be able to get in to see these things, so Keychain is only as good as that password, and only useful if you can gain access. That's the way security works, but that's why we started a series about securing your Mac.

From around the web

ear iconeye icontext filevr