- Keychain (Mac OS)
Infobox software
name = Keychain
caption =
developer = Apple, Inc.
latest_release_version =
latest_release_date =
operating_system =Mac OS X /9
genre = System Utility
license = APSL
website = [http://developer.apple.com/documentation/Security/Conceptual/keychainServConcepts/index.html Keychain programmers guide]Keychain is
Apple Inc. 's password management system inMac OS X andMac OS 9 . It was introduced with Mac OS 8.6. A Keychain can contain various types of data:password s (Website s, FTP servers, SSH accounts,network share s,wireless network s, groupware applications, encrypteddisk image s), private keys, certificates and secure notes. The default keychain file is the login keychain, typically opened on login by the user's login password (although the password for this keychain can instead be different from a user’s login password, adding security at the expense of some convenience). In Mac OS X, keychain files are stored in ~/Library/Keychains/, /Library/Keychains/, and /Network/Library/Keychains/.It is free,
open source software released under the terms of the APSL.Keychains were initially developed for Apple's e-mail system, PowerTalk. Among its many features, PowerTalk used plug-ins that allowed mail to be retrieved from a wide variety of mail servers and online services. The keychain concept naturally "fell out" of this code, and was used in PowerTalk to manage all of a user's various login credentials for the various e-mail systems PowerTalk could connect to. Keychain placed these passwords in an encrypted file, and automatically returned them on command if the file was "opened" using a password.
The passwords were not easily retrievable due to the encryption, yet the simplicity of the interface allowed the user to select a different password for every system without fear of forgetting them, as a single password would open the file and return them all. At the time, this was a truly innovative concept that was not available on other platforms. Keychain was one of the few parts of PowerTalk that was obviously useful "on its own", which suggested it should be promoted to become a part of the basic Mac OS. But due to internal politics, it was kept inside the PowerTalk system and, therefore, available to very few Mac users.
It was not until the return of
Steve Jobs that Keychain was liberated from the now-dead PowerTalk. By this point in time the concept was no longer so unusual, but it was still rare to see a keychain system that was not associated with a particular piece of application software, typically aWeb browser . Keychain became a standard part of Mac OS 9, and was included in Mac OS X in the first commercial versions.Third-party adoption of Keychain has been somewhat spotty to date. Although most Apple software uses it (notably Apple Mail and Safari), and Macintosh-only applications such as Transmit and
Camino do as well, cross-platform applications such as Firefox do not use Keychain, sticking to other cross-platform solutions instead. Many programs continue to store their login credentials in plain text files, although this is becoming rare for newer programs. Recent versions of the Subversion command-line client use the Keychain on Mac OS X.ee also
*
Keychain Access
Wikimedia Foundation. 2010.
