How to Store Account Information with Keychains - dummies

How to Store Account Information with Keychains

By Mark L. Chambers

Your Mac OS X Snow Leopard account keychain stores all the username/password combinations for Web sites, file servers, File Transfer Protocol (FTP) servers, and the like, allowing you to simply waltz in and start using the service (whatever it is). Sounds handy, but you better watch your step.

  • Anyone can log on as you: If your keychain is unlocked, which happens automatically when you log in, all someone has to do is sit at your desk, visit a site or connect with a server, and bam! They’re on. As you.

  • You’ll forget your passwords: If the keychain file is corrupted, your passwords are lost. Either you’ve got them on paper hidden somewhere, they’re on your recent backup, or it’s time to change your online persona.

  • Keychains require yet another password: Your keychain can be locked (either manually or, with the right settings, automatically), and you have to remember yet another password/passphrase to unlock your keychain.

Anyone who’s interested in maintaining a well-locked-down machine shouldn’t use keychains. Unfortunately, Snow Leopard creates a keychain automatically for every user, so you have to monitor (and delete) your keychain data manually.

However, if you’re the only person using your Mac and it resides in your home and you absolutely must use keychains, you can display them all for the current account from the Keychain Access application, conveniently located in Utilities within your Applications folder. Click the Category tab and then click an item in the keychain list to display or edit all its information.

Keychains hold all your login information
Keychains hold all your login information

Anyone can display and edit server and site information just by launching this application!

To help lock things down — at least when it comes to your Internet communications — follow this path:

  1. Click the Passwords category (upper-left).

    Your password information displays.

  2. Click an Internet password to select it in the list and then click the lowercase i button at the bottom of the window.

    Information on that password displays.

  3. Click the Access Control tab.

    Select the Confirm before Allowing Access radio button.
    Select the Confirm before Allowing Access radio button.

    These security items will help protect your passwords.

  4. Select the Ask for Keychain Password check box.

    Click the plus sign button at the bottom of the Keychain Access window to add a new password. Type a name for the item, the username that you typically type to gain access, and the password for that server or site. Then click Add and cross your fingers.

To display all the keychains you can access, choose Edit→Keychain List. To create a brand-new keychain, choose File→New Keychain. Mac OS X prompts you for the filename for your new keychain file. In the New Keychain dialog that appears, enter a catchy name in the Save As text box. By default, the keychain file is created in the Keychains folder, but if you want to store it elsewhere, click the down-arrow button next to the Where list box and navigate to the desired folder. When you’re ready, click the Create button. Now you need to enter yet another password, type it again to verify it, and click OK.

To lock or unlock your login keychain, click the Lock icon at the top-left of the Keychain Access window. (Unlocking your keychain requires you to enter your login password. Go figure.)