Related link: http://chuck.goolsbee.org/archives/14
I love my Keychains. I have two: my really, really secure one, and my normal every day one. My normal contains my passwords for things like my blogs, logins for the New York Times and Washington Post, and various other trivial passwords that I’m supposed to remember on a whim. My email and several other more critical things, like my bank logins and whatnot, remain hidden and secure in my sooper sekrit keychain. My friend Chuck discovered an infuriating behavior in OS X Tiger this week that makes me wonder about the security of the keychain feature:
On a whim, in MacOS X 10.4, because I was tired of my old login passwd, I changed it. No biggie, right?
I was presented with a dialog, basically saying “Your keychain password has also been changed.” …huh?
Bahhhh!!! No! I didn’t want that!
What’s worse is that he can’t change it back. Like my simple keychain, his simple keychain password is engrained in muscle memory. Unlike my simple keychain, his simple keychain password is short, and so Apple won’t accept it. The purpose of the keychain system is to allow many keychains with varying degrees of security, and increasingly difficult passwords. Is there a way that Chuck can go back to using his short, but secure, password?
Keychain Woes? Share on.