Using keychains with MobileMe, troubleshooting keychain issues

  • Last Modified: October 31, 2008
  • Article: HT1060
  • Old Article: 305146

Summary

You can use keychains with .Mac. This article applies to Mac OS X 10.4, 10.5 or later and contains troubleshooting information that you can use if you encounter keychain issues.

Products Affected

.Mac, Mac OS X 10.4, Mac OS X 10.5, MobileMe

This article covers the following topics:

About keychains and MobileMe

Keychains help manage your passwords in Mac OS X. Keychains are also an important part of the MobileMe experience, even though you might not be aware of them. Entering your MobileMe member name and password in MobileMe preferences in Mac OS X 10.4 and Mac OS X 10.5 Leopard or later also adds the information to your keychain. This allows the applications (Mail, iChat, Address Book, iWeb, iPhoto, etc) and services (Syncing, iDisk) that work with MobileMe to automatically connect to your MobileMe account with each use, rather than prompting you for your password each time.

Symptoms of a MobileMe-related keychain issue

When your keychain is working successfully, you don't even know it's there because your MobileMe experience works seamlessly. However, if your keychain has an issue, it can lead to various MobileMe issues too. The symptoms may affect multiple MobileMe services.

These are some symptoms of a MobileMe keychain issue:

  • You're prompted for your password every time you try to connect to your iDisk from the Finder.
  • You're prompted for your password every time you check or send an email using your MobileMe account.
  • You're asked to sign in when publishing to MobileMe.
  • You're asked to sign in when creating a Web Gallery.
  • You're unable to connect to your iDisk to use Backup, or unable to take Backup out of "trial mode."
  • "Unable to access your MobileMe username or password" alerts appear when attempting to sync.
  • An "Error -2147415734" alert appears.

Quick check to see if your keychain is working as expected

For MobileMe members, there is an easy way to determine if your keychain is working correctly for use with your MobileMe account in Mac OS X 10.4 or later:

Mac OS X 10.5 or later

  1. Open System Preferences, and click MobileMe.
  2. If you have not already done so, enter your MobileMe member name and password.
  3. You should see "Signed into MobileMe".
  4. Close System Preferences.
  5. Open System Preferences, and click MobileMe.

If your keychain is working correctly, you should still be signed in and should not have to enter your password again.

Mac OS X 10.4.x

  1. Open System Preferences, and click .Mac (in earlier versions of Mac OS X, MobileMe is referred to as .Mac.)
  2. Enter your MobileMe member name (as all lower-case characters) and password. Press Return after entering your MobileMe password. (The number of dots in the password field may not match your password's actual number of characters, this is intentional.)
  3. You should receive a notice below your password that the password was valid, and below that information indicating how many days are remaining before your account expires or renews.
  4. Close System Preferences.
  5. Open System Preferences again, and click .Mac.
  6. Your MobileMe member name and password should already be filled in, and you should still see the information indicating how many days are remaining before your account expires or renews.
  7. If the password field is blank in step 6, you may have a keychain issue.


First things to try

Get to your keychain

  1. To access your keychain, open Keychain Access (which is located in (/Applications/Utilities); or, from the Finder's Go menu, choose Utilities).
  2. In Keychain Access' lower left corner of the window, you should see "Show Keychains" or "Hide Keychains" (Mac OS X 10.4) or an up/down arrow icon (Mac OS X 10.5). If "Show Keychains" or a down approw icon appears, click it once. You should see something similar to this:

  3. In the upper-left corner of the window, select the top keychain named "login". (If you don't see "login," look for a keychain named the same as your Mac OS X account name. Depending on how you installed or upgraded to Mac OS X, the latter may appear instead of "login".)

    Note: Consider either "login" or the keychain named the same as your Mac OS X account as "your keychain" throughout the rest of this article.

    Important: Two keychains in this list, System and X509Anchors (or System Roots, in Mac OS X 10.5), are system-wide keychains. Do not delete, attempt to unlock, or do anything else to the System and X509Anchors keychains. Doing so may cause issues that could require a Mac OS X reinstallation.

Make sure your keychain is unlocked

The lock icon next to your keychain should appear open or unlocked (such as it appears above). If your keychain is locked, select it, then click the lock icon in the upper left corner. You will be prompted for your keychain password, which may be the same as the password of your Mac OS X user account.

Tip: If the keychain password is different from your Mac OS X user password (and you know the passwords of both), you should change your keychain password so that they match. This will allow the keychain to unlock automatically when you log in to Mac OS X (or when you automatically log in at start up).

Note: If you do not know the password to unlock your keychain, you will need to reset the keychain. Resetting a keychain create a new, empty login keychain without deleting the original (in case you later learn the original's password).

Make sure your keychain is the default keychain

Your keychain (login or the one named the same as your user account as noted above) should be the default keychain. The default keychain appears in bold letters. If your keychain is not the default keychain:

  1. Select the keychain in the Keychain Access window.
  2. From the File menu, choose Make Keychain '(login or account name)' Default.
  3. Quit Keychain Access
  4. Restart your computer, or log out and back in.

Try the steps in the "Quick check to see if your keychain is working as expected" section above, again. If it is still not working as expected, proceed to the next section of this article.

Verify preferences

  1. Open Keychain Access, which is located in (/Applications/Utilities). Or, from the Finder's Go menu, choose Utilities.
  2. From the Keychain Access menu, choose Preferences.
  3. In the First Aid tab, make sure all available selections are checked.
  4. Close the Preferences window.
  5. Click your keychain (login or account name), then from the Edit menu choose Change Settings for "(login or account name)" keychain.
  6. Make sure that the top two checkboxes are unchecked (deselected), and click Save.

If you changed any settings, quit Keychain Access, restart your computer, and try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article.

Use Keychain First Aid

Use Keychain First Aid to determine if there are other issues with your keychain. Run Keychain First Aid, and let it try to repair any issues it encounters.

After running Keychain First Aid, quit Keychain Access, restart your computer, and try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article.

Delete the MobileMe keychain entry

Your MobileMe keychain may need to be re-created.

For Mac OS X 10.5

  1. Use Keychain Access to delete all items whose kind is ".Mac password". Note: It is normal to see your MobileMe keychain password entry referred to as ".Mac".
  2. Restart your computer, or log out and back in.
  3. Try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article ("Reset your keychain").

For Mac OS X 10.4

  1. Use Keychain Access to delete all items whose kind is ".Mac password".
  2. Restart your computer, or log out and back in.
  3. Try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article ("Reset your keychain").

Reset your keychain

If all else fails, you may need to reset your keychain. This will create a new default (login) keychain for you. Your original keychain is set aside, but not deleted.

  1. Recreate the keychain.
  2. Quit Keychain Access.
  3. Restart your computer, or log out and back in.
  4. Try the steps from the "Quick check to see if your keychain is working as expected" section again.

Contact MobileMe support if no other steps help

If none of these steps resolve your MobileMe issue, please contact MobileMe Support for further assistance.

 

Not helpful Somewhat helpful Helpful Very helpful Solved my problem