Using keychains with .Mac, troubleshooting keychain issues

  • Last Modified: January 21, 2008
  • Article: HT1060
  • Old Article: 305146

Summary

You can use keychains with .Mac. This article applies to Mac OS X 10.4, 10.5 or later and contains troubleshooting information that you can use if you encounter keychain issues.

Products Affected

Mac OS X 10.4, .Mac, Mac OS X 10.5

This article covers the following topics:

About keychains and .Mac

Keychains help manage your passwords in Mac OS X. Keychains are also an important part of the .Mac experience, even though you might not be aware of them. Entering your .Mac member name and password in .Mac preferences in Mac OS X 10.4 and Mac OS X 10.5 Leopard or later also adds the information to your keychain. This allows the applications (Mail, Address Book, iWeb, Backup, iPhoto, etc) and services (Syncing, iDisk) that work with .Mac to automatically connect to your .Mac account with each use, rather than prompting you for your password each time.

Symptoms of a .Mac-related keychain issue

When your keychain is working successfully, you don't even know it's there because your .Mac experience works seamlessly. However, if your keychain has an issue, it can lead to various .Mac issues too. The symptoms may affect multiple .Mac services.

These are some symptoms of a .Mac keychain issue:

  • You're prompted for your password every time you try to connect to your iDisk from the Finder.
  • You're prompted for your password every time you check or send a message using your .Mac account.
  • You're asked to sign in when publishing to .Mac.
  • You're asked to sign in when creating a Photocast.
  • You're unable to connect to your iDisk to use Backup, or unable to take Backup out of "trial mode."
  • "Unable to access your .Mac username or password" alerts appear when attempting to sync.
  • "There was a problem with the sync operation. .Mac legacy client exited abnormally" appears when clicking the Sync or Advanced tab.
  • An "Error -2147415734" alert appears.

Quick check to see if your keychain is working as expected

For .Mac members, there is an easy way to determine if your keychain is working correctly for use with your .Mac account in Mac OS X 10.4 or later:

Mac OS X 10.5 or later

  1. Open System Preferences, and click .Mac.
  2. If you have not already done so, enter your .Mac member name and password.
  3. You should see "Signed into .Mac".
  4. Close System Preferences.
  5. Open System Preferences, and click .Mac.

If your keychain is working correctly, you should still be signed in and should not have to enter your password again.

Mac OS X 10.4.x

  1. Open System Preferences, and click .Mac.
  2. Enter your .Mac member name (as all lower-case characters) and password. Press Return after entering your .Mac password. (The number of dots in the password field may not match your password's actual number of characters, this is intentional.)
  3. You should receive a notice below your password that the password was valid, and below that information indicating how many days are remaining before your account expires or renews.
  4. Close System Preferences.
  5. Open System Preferences again, and click .Mac.
  6. Your .Mac member name and password should already be filled in, and you should still see the information indicating how many days are remaining before your account expires or renews.
  7. If the password field is blank in step 6, you may have a keychain issue.


First things to try

Get to your keychain

  1. To access your keychain, open Keychain Access (which is located in (/Applications/Utilities); or, from the Finder's Go menu, choose Utilities).
  2. In Keychain Access' lower left corner of the window, you should see "Show Keychains" or "Hide Keychains" (Mac OS X 10.4) or an up/down arrow icon (Mac OS X 10.5). If "Show Keychains" or a down approw icon appears, click it once. You should see something similar to this:

  3. In the upper-left corner of the window, select the top keychain named "login". (If you don't see "login," look for a keychain named the same as your Mac OS X account name. Depending on how you installed or upgraded to Mac OS X, the latter may appear instead of "login".)

    Note: Consider either "login" or the keychain named the same as your Mac OS X account as "your keychain" throughout the rest of this article.

    Important: Two keychains in this list, System and X509Anchors (or System Roots, in Mac OS X 10.5), are system-wide keychains. Do not delete, attempt to unlock, or do anything else to the System and X509Anchors keychains. Doing so may cause issues that could require a Mac OS X reinstallation.

Make sure your keychain is unlocked

The lock icon next to your keychain should appear open or unlocked (such as it appears above). If your keychain is locked, select it, then click the lock icon in the upper left corner. You will be prompted for your keychain password, which may be the same as the password of your Mac OS X user account.

Tip: If the keychain password is different from your Mac OS X user password (and you know the passwords of both), you should change your keychain password so that they match. This will allow the keychain to unlock automatically when you log in to Mac OS X (or when you automatically log in at start up).

Note: If you do not know the password to unlock your keychain, you will need to reset the keychain. Resetting a keychain create a new, empty login keychain without deleting the original (in case you later learn the original's password).

Make sure your keychain is the default keychain

Your keychain (login or the one named the same as your user account as noted above) should be the default keychain. The default keychain appears in bold letters. If your keychain is not the default keychain:

  1. Select the keychain in the Keychain Access window.
  2. From the File menu, choose Make Keychain '(login or account name)' Default.
  3. Quit Keychain Access
  4. Restart your computer, or log out and back in.

Try the steps in the "Quick check to see if your keychain is working as expected" section above, again. If it is still not working as expected, proceed to the next section of this article.

Verify preferences

  1. Open Keychain Access, which is located in (/Applications/Utilities). Or, from the Finder's Go menu, choose Utilities.
  2. From the Keychain Access menu, choose Preferences.
  3. In the First Aid tab, make sure all available selections are checked.
  4. Close the Preferences window.
  5. Click your keychain (login or account name), then from the Edit menu choose Change Settings for "(login or account name)" keychain.
  6. Make sure that the top two checkboxes are unchecked (deselected), and click Save.

If you changed any settings, quit Keychain Access, restart your computer, and try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article.

Use Keychain First Aid

Use Keychain First Aid to determine if there are other issues with your keychain. Run Keychain First Aid, and let it try to repair any issues it encounters.

After running Keychain First Aid, quit Keychain Access, restart your computer, and try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article.

Delete the .Mac keychain entry

Your .Mac keychain may need to be re-created.

For Mac OS X 10.5

  1. Use Keychain Access to delete all items whose kind is ".Mac password".
  2. Restart your computer, or log out and back in.
  3. Try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article ("Reset your keychain").

For Mac OS X 10.4

  1. Use Keychain Access to delete all items whose kind is ".Mac password".
  2. Restart your computer, or log out and back in.
  3. Try the steps from the "Quick check to see if your keychain is working as expected" section again. If still not working as expected, proceed to the next section of this article ("Reset your keychain").

Reset your keychain

If all else fails, you may need to reset your keychain. This will create a new default (login) keychain for you. Your original keychain is set aside, but not deleted.

  1. Recreate the keychain.
  2. Quit Keychain Access.
  3. Restart your computer, or log out and back in.
  4. Try the steps from the "Quick check to see if your keychain is working as expected" section again.

Contact .Mac support if no other steps help

If none of these steps resolve your .Mac issue, please contact .Mac Support for further assistance.

Not helpful Somewhat helpful Helpful Very helpful Solved my problem