Welcome to MacForumz.com!
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Keychain named login

  
   Macintosh computer (Home) -> System RSS
Next:  Motorola s9 bluetooth and iBook G4 not connecting  
Author Message
John Holt

External


Since: Nov 21, 2007
Posts: 1



(Msg. 1) Posted: Wed Nov 21, 2007 8:23 pm
Post subject: Keychain named login
Archived from groups: comp>sys>mac>system (more info?)
Many years ago I set my default keychain to a different name and of
course the password is different from my login password. All was well.

I have upgraded to Leopard, and during the update process, my default
keychain contents were copied to a new keychain named "login." I
deleted the keychain and made my old keychain the default; and all was
well.

I have applied the fixes as they come available, and one of the recent
fixes (10.5.1 I think) caused a keychain named "login" to appear again
(with the contents of the default keychain copied) and this time it
simply will not stay away. I delete it, and then it reappears at the
next boot. So far, it now comes back empty.

The original motivation for having a different default keychain name
was to protect the keychain contents. There was a security bulletin
that indicated that even with account password sync off, a password
reset would reset the password of the keychain named "login" as well.

Is there some setting that I missed which would keep the "login"
keychain from being created? Does anyone know if keychain password
security has been improved so that the password can not be reset?



Thanks,


--
John Holt

 >> Stay informed about: Keychain named login 
Back to top
Login to vote
Wayne C. Morris

External


Since: Jun 28, 2003
Posts: 509



(Msg. 2) Posted: Thu Nov 22, 2007 3:18 pm
Post subject: Re: Keychain named login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
In article
,
John Holt <jdholt77_at_earthlink.net> wrote:

> Is there some setting that I missed which would keep the "login"
> keychain from being created? Does anyone know if keychain password
> security has been improved so that the password can not be reset?

If you set the Open Firmware password, and put a padlock on the Mac's
case so it cannot be opened, it'll block the ability to start up from a
different drive or partition, which ought to make it impossible for a
non-admin to reset your admin password.

(The padlock is necessary because it's possible to reset the firmware
password if you have physical access to the inside of the Mac.)

Details here:
<http://docs.info.apple.com/article.html?artnum=106482>

 >> Stay informed about: Keychain named login 
Back to top
Login to vote
Simon Slavin1

External


Since: May 16, 2004
Posts: 375



(Msg. 3) Posted: Sat Nov 24, 2007 7:35 pm
Post subject: Re: Keychain named login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On 21/11/2007, John Holt <jdholt77_at_earthlink.net> wrote in message
:

> Is there some setting that I missed which would keep the "login"
> keychain from being created?

No. Every account gets one. Each user can have a number of keychains but
gets access to one particular keychain (the one called 'login')
immediately after login.

You can create other keychains and put keys onto them. If you leave them
unlocked then the keys on them will be accessed as well as the ones on
'login'.

Simon.
--
http://www.hearsay.demon.co.uk
 >> Stay informed about: Keychain named login 
Back to top
Login to vote
Display posts from previous:   
   Macintosh computer (Home) -> System All times are: Pacific Time (US & Canada)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]