MasterCard MarketPlace™
Tutorial: Keychain issues; resolving
If you can't access your keychain, or forget your password If you can't get into your keychain file because you've forgotten your password or the keychain file appears to be corrupt, there are a couple of options.
First, if you've forgotten your password, you can use the "Keychain First Aid" utility to make the keychain password the same as the login password.
This can be accomplished via the following process:
- Open Keychain Access (located in Applications/Utilities
- Go to the "Keychain Access" menu and select "Preferences"
- Click the "First Aid" tab
- Make sure the "Synchronize login keychain password" box is checked
- Close the Preferences window
- Go to the "Keychain Access" menu and select "Keychain First Aid"
- Enter your username and password
- Click the "Repair" button
UPDATE: Although Apple's documentation states that Keychain First Aid will synchronize the user login password with the keychain selected, we haven't been able to make this work in practice. If you have any additional information on performing this synch, please let us know.
Another option is to completely delete your keychain then recreate it. This routine is useful if your keychain appears to be corrupt or otherwise inaccessible.
This can be accomplished as follows:
- Launch Keychain Access (located in Applications/Utilities)
- Click "Show Keychains" in the lower-left corner of the window.
- Select the problematic keychain from the left-hand pane.
- Navigate to the "File" menu and select "Delete Keychain '(name of keychain)'"
- Check all options for deletion and press "OK"
- Create a new keychain by going to the "File" menu, then "New" and selecting "New Keychain"
You can now make this keychain your default if you desire by selecting it, then going to the "File" menu and selecting "Make '(name of keychain)' Default"
Login as root and perform repair In some cases, problems with keychains can only be resolved when logged in as the root user.
First, enable a root user account, as detailed in Knowledge Base article #106290 (briefly: open NetInfo Manager, located in Applications/Utilities, click the lock and enter the administrator password, then select "Enable Root User" from the Security menu and follow on-screen instructions).
After enabling the root user, and logging in under this account, again open Keychain Access. First attempt repairs using Keychain First Aid, and failing that, delete then recreate the keychain as described above while logged in as root.
Persistently asked for stored passwords If you are persistently asked for passwords in various applications that you have specified should be remembered in a keychain, your "login" keychain may not be active for one reason or another.
Navigate to ~/Library/Keychains/ (this is the Library folder inside your user home folder). Find the file named "login.keychain" and double-click it.
Failing that, select the "login" keychain within the Keychain Access application and make sure it is the default keychain by going to the "File" menu and selecting "Make 'Login' Default"
Turn off Keychain synchronization in applications having problems If specific applications are experiencing issues when accessing password-protected material, Keychain may be to blame.
For example, it appears that in some cases, failures in .Mac synchronization transfers are linked to issues with Keychain.
If you are having problems synchronizing data with .Mac servers, you may want to try the following process:
- Open System Preferences and access the .Mac pane
- Click the "Sync" tab
- Uncheck the "Synchronize with .Mac" checkbox
- Close System Preferences
- Re-open System Preferences and repeat steps 1 and 2
- Re-check the "Synchronize with .Mac" checkbox
If the above process does not re-allow synchronization, you may need to leave Keychain synchronization turned off in the "Sync" tab of the .Mac System Preferences pane.
MacFixIt reader Faisal writes:
"I believe the problem may be related to Keychain sync overwriting or mangling the .Mac information in the Keychain. By disabling Keychain sync I seem to be able to sync again without issue."
Like what you've found in this tutorial? Get more troubleshooting guidance (updated daily) by subscribing to MacFixIt Pro.
Resources
steps.
1. Change keychain password to something other than the login password.
2. Follow the steps in this article.
Result: keychain password is NOT syncronized to the login password. AFAIK,
there is no way to recover a lost keychain password.
1. Sometimes blank entries appear in the keychain. They'll disappear if you quit
& relaunch the utility
2. If another application unlocks a secondary keychain (I have a separate Clients
one), Keychain Access gets confused about its locked/unlocked state. Again a
quit & relaunch fixes it.
Cheers
password, if they ever new they had one. Happens, I guess, when someone else
sets up their computer for them and fails to emphasize how important it is.
And even when I do highlight the issue they sometimes forget. Ugh! What's
more, if you use the OS install CD/DVD to create a new login password it will
then not be synchronized with the extant keychain. More yuck! I've found the
easiest solution in most cases is to dispose of any existing keychains and start
over from scratch.
---
Don't anthropomorphize computers.
They hate that.
"Navigate to ~/Library/Keychains/ (this is the Library folder inside your user
home folder). Find the file named "login.keychain" and double-click it."
I can not find any such file. (OS X 10.3.9) The only file in this folder is
entitled with my username.
I have intermittent keychain problems. Decided to try the fixes:
"Navigate to ~/Library/Keychains/ (this is the Library folder inside your user home folder). Find the file named "login.keychain" and double-click it."
Double-clicking it seems to *create* a second "login" file (at left of panel in Keychain Access display). That concerned me. I used Keychain First Aid's verify & repair because it said keychain was not properly configured. Now that's evidently accomplished but I still have two (2) "login" entries in that left-hand listing (along with "Microsoft Intermediate Cert.", "System," "X509Anchors.")
"Failing that, select the "login" keychain within the Keychain Access application and make sure it is the default keychain by going to the "File" menu and selecting "Make 'Login' Default."
No matter which "login" keychain I select, when I go to the file menu in Keychain Access the selection "Make 'Login' Default" is gray (inactive), unable to be chosen.
Any ideas? (I'm using 10.4.9.)
They wouldnt stick in Entourage-or several other sites, and I would get bad network/certificate/login error messages;
I tried to rebuild everything from scatch., to no avail.
I still cant get at my hotmail, either through Entouage or the main Hotmail web page,
The MSN techs say they can see nothing wrong.
Sometimes my Gmail works, other times not.
- by balancedview January 8, 2008 1:04 AM PST
- I've had a similar problem recently.
- Like this Reply to this comment
-
(7 Comments)Changed the default Primary Admin/User password to a new value more memorable to the primary user.
Did the auto-login unset, reset to make auto login stick.
But now Safari etc. all want the old password to access keychain values.
Apple online web help says that Keychain First Aid will synchronize the keychain password with login password.
But it does NOT.
Have tried the various methods here as well, can so far find no way to make keychain pickup the new primary admin user password as ITS OWN.
Apple has messed up here. Keychain admin tools are either: broken, incomplete, or alledged to do things they cannot.
(this was on an intel mac mini, 10.4.9)