Keychain loop corruption

Hi,
I am administrator for 1,000 laptops at a school.  Since Apple abandoned Snow Leopard, I have noticed an annoying glitch in the keychain folder. This NEVER occurred in Snow Leopard, only in the OS's since (Lion, Mountain Lion and Mavericks). Here is the scenario:
Students must authenticate onto the local wireless network
After authentication, they must repeat the process to allow proxy access to the internet.
All students are issued a digitally rights managed text book. This can only be opened using Adobe Reader, nothing else. They must be on the internet to enter the user name and password for the digital rights.
They're students and will make mistakes. They sometimes try to open the textbook without loggin onto 1. the local network and 2. the proxy access to the internet. What happens is a nightmare to fix: very time consuming.
(This example is a small one. I've seen keychain folders with over 17,000 keychain corruptions (login.keychain.sb-[gibberish])!!!
Why is this occurring? To fix it, I have to trash the entire contents of the folder (User/Library/Keychains), forcing the user to enter all passwords all over again. I hope Cupertino fixes this in Yosemite because, as administrator of 1,000 laptops, this is killing my time managment!

WOW! This has been up just under 3 months. No one has a solution?

Similar Messages

  • Keychain and corruption

    Having lost a couple of hard disks to system software errors I am worried that I am more and more reliant on Keychain.
    I can't find any discussion on how likely it is to get corrupted and before I put my whole life in it's hands I'd like to know what can be done to safeguard my data [I am already using Time Machine].
    Cheers, Colin

    Thanks for that.
    I guess that I'd know instantly if Keychain was corrupted as there would be no such thing as partial corruption.
    It is not only the passwords I depend on it for, but also for lots of other bits and pieces one needs beside the password. I'm thinking of getting 1Password to create more secure individual passwords and assume that it is no more vulnerable than Keychain itself.
    Oddly I've not found any discussions (outside Apple) on either the security, or robustness, of Keychain.
    Cheers, Colin

  • 10.9.1 keychain loop

    Installed 10.9.1 from 10.9 this morning.
    I'm locked out due to a continuous stream of pop ups from different osx components
    and applications asking to use local items in keychain, and asking for my local
    Keychain password.
    It's not accepting my local keychain password. Click on cancel is getting me nowhere,
    As the pop ups keep on coming.
    So basically I'm locked out of my own computer, with apple software behaving
    Like a windows virus.
    I do not know how to get past this. Appreciate any advice
    Thank
    Jim

    Jim, Put it down to Christmas - the servers can't probably handle the amount of folk surfing the net!
    OS X: Keychain Access asks for keychain "login" after changing login password
    If you change your account's password using your Mac OS X Install disc (or if your network-based account password is changed due to a network admin forcing a password change), your default keychain password (which uses the same initial password as your user account) does not change. Because of this, you will be prompted to enter a keychain password each time an application requires authentication that your keychain would normally provide.
    Note: This doesn't happen if you change your account password using Accounts preferences.
    If you want your default keychain to be unlocked automatically when you log in, synchronize your Keychain Access and account login passwords by doing this:
    Open Keychain Access (you can get to it by choosing Utilities from the Go menu in the Finder).
    From the Edit menu, choose Change Password for Keychain "login."
    Type the former password of the account that you are currently logged in to, then click OK.
    If you entered the correct password, a new window appears; enter the original password again in the Current Password field.
    In the New Password field, type the password that matches your current account password.
    Re-enter the newer password in the Verify field, then click OK.
    If you don't remember your original (former) account password
    If you don't remember your original password, you'll need to delete the keychain. Deleting a keychain also deletes all the password data saved in that keychain.
    In Keychain Access, choose Preferences from the Keychain Access menu.
    If available, click the Reset My Default Keychain button. This will remove the login keychain and create a new one with the password provided.
    If Reset My Default Keychain is not available, choose Keychain List from the Edit menu.
    Delete the "login" keychain.
    The next time you log in to the account, you can save your current password in a keychain.

  • Keychain password corrupt

    All of a sudden, I am getting the message that my keychain password is not correct when I attempt to enter it. If I am using Chrome and click cancel, it fills in my saved password anyway. If I open the keychain access program, and attempt to see any of the passwords in this specific keychain, (not my login keychain) it tells me my password is incorrect. No one knows this password but me, I didn't change it and it was working fine yesterday. I have passwords in this keychain that I need to be able to see. I'm not sure what to do. I've already gone into time machine and restore the keychain that was there just prior to one change that was made to it yesterday.

    I just discovered my problem, for some reason, one of my shift keys is not working with only one letter. So, I actually have a different problem.

  • How Do I Use Keychains Properly?

    Hello
    I'm considering making more use of Keychains instead of an old fashioned paper notebook. I've tried reading the on-line help in the Help Viewer but I don't fully understand it all. I think that I'm missing some conceptual context. I was hoping that I could get a few answers to my questions here.
    1. I routinely use many web based application services that require me to log in before I can use them. One example is these Discussions Pages. Can I store my password in the keychain somehow and have Safari automatically fill in the form for me so I can just click the login button or even by-pass this step entirely? If so how?
    2. I am considering storing sensitive personal data such as bank account numbers, access codes etc. Secure Notes seem to be the right place to do this. Just how secure are they? The keychain seems to get backed up to my .Mac account. Is the information stored in an encrypted way there? I'm aware that any encryption can be cracked given a powerful enough computer and sufficient time but would like to get a feel for the risk I'm taking.
    3. There is a note in one of the help pages about allowing applications to access your keychain. It says: "IMPORTANT: If you select "Allow all applications to access this item" for an item in your keychain, you make it easy for a computer virus or other software to read the password.". My .Mac account and Mail synchronises on a regular basis often when my computer is unattended with the screen lock on. If I don't allow the applications to always access then they will stop unless I'm there to click the button and authorise it. Am I taking a big risk by selecting Always Allow for these individual applications involved in synchronisation?
    4. If I back my keychain up to a CD or USB drive using the .Mac backup utility. Is the data encrypted?
    5. Is there any way to access the data in your keychain without a Mac? I'm unfortunate enough to be compelled to use Windows at work. It would be handy to have the keychain on a USB stick just so I could look it up. I'd be surprised if Windows could automatically exploit the content but if there is a way, please let me know.
    6. How vulnerable is a keychain to corruption and what can you do to protect yourself against it? If I put loads of data in there without keeping a hardcopy record, I can just imagine something breaking and losing the lot. Is that likely?
    Apologies if these seem like dumb questions. I'm happy to be pointed at some overview material if it exists somewhere.
    Many thanks
    Ian
    PS sorry about the long post and thanks in advance to anyone who takes time to properly answer all this.

    Good question. I hadn't thought about it before. I so notice that on very dark photos I get better results moving the right level indicator to the left than I do when when using the shadows adjust. The shadows adjust really gives me a grainy/noisy appearance whereas the levels a much smoother and cleaner effect. Other than that I just play with them till it looks good to my eye.
    Do you Twango?
    TIP: For insurance against the iPhoto database corruption that many users have experienced I recommend making a backup copy of the Library6.iPhoto database file and keep it current. If problems crop up where iPhoto suddenly can't see any photos or thinks there are no photos in the library, replacing the working Library6.iPhoto file with the backup will often get the library back. By keeping it current I mean backup after each import and/or any serious editing or work on books, slideshows, calendars, cards, etc. That insures that if a problem pops up and you do need to replace the database file, you'll retain all those efforts. It doesn't take long to make the backup and it's good insurance.
    I've created an Automator workflow application (requires Tiger), iPhoto dB File Backup, that will copy the selected Library6.iPhoto file from your iPhoto Library folder to the Pictures folder, replacing any previous version of it. It's compatible with iPhoto 08 libraries and Leopard. iPhoto does not have to be closed to run the application, just idle. You can download it at Toad's Cellar. Be sure to read the Read Me pdf file.

  • System Keychain Issue?

    I am prompted to manually log into a network on startup. I've tried many things to fix it ... first aid, deleted airport preferences, deleted keychains, created new admin users, deleted networks, deleted passwords from the keychain, & even reinstalled the system twice. I had a similar problem with my mail preferences that were fixed when I reset the user keychains. My hunch at this point is that the "system" keychain is corrupted. Does anybody know how to easily reset the system keychain. My next step is a 100% clean install of the entire hard drive if I can't figure this out.
    Message was edited by: C G Weber
    Message was edited by: C G Weber

    Mokkdoom, give this a try:
    Open Keychain app. (Utilities folder).
    At the bottom left, under the sidebar, click on 'Show Keychains'.
    The top of the sidebar slides down to reveal keychains - click on 'System'.
    You'll see in the main large window to the right the keychain you need to delete (AirPort?).
    Delete it from the Edit menu (or the delete key on your keyboard). It'll be recreated next time you are asked for a password, but won't keep pestering you after that (if all goes well!).
    Go to the bottom left of the window and click on Hide Keychains.
    See if that does the trick. I can't claim credit for it - it's a problem/solution that's been mentioned often on these forums.

  • Keychain locks out my email accounts, how do I bypass it?

    I am asked for my password to open my Macmail accts but it will not accept them. Keychain is corrupting them somehow and I cannot get to my mail. Any ideas what to do? The passwords are correct but macmail will not save them

    Yep I tried that as well. It asks me for a password every time I open email. If I check to have Keychain remember it then the password is not recognized. If I do not check it the email acct. will open but I have to put the password in every time I use it. Very frustrating. I had Apple support helping to no avail and roadrunner support could not help. I have deleted and reinstalled it several times but only lost everything I had.

  • Keychain -- first problem

    I restarted my MacBook Air (latest version & 10.9.1) for the first time in a week (had been putting in sleep mode when not using) and am suddenly getting boxes asking for a password so that CalendarAgent, com.apple.internetaccounts.xpc, MenuCalendarClock iCal, Messages Agent, etc. can use the "login" keychain -- or "Local Items."  I can't get past these boxes.
    Frankly, I don't remember ever setting up a password for Keychain in past years, and I have never been asked for one like this before.  Passwords I've tried don't work.
    I have a 2 month old clone that I could pull a file from, but I think Mavericks hides this stuff nowadays. I could also just clone it back -- probably the best idea.
    Having had many Macs over the years, I have never run into this problem before!!

    Well, I moved my SuperDuper clone back to the MacBook Air and all is well.  The password that wouldn't work in Keychain was the right password because it works now. 
    Apparently, somehow Keychain got corrupted, but I have no idea how that happened -- never have seen the problem before and hope I never see it again.

  • Write access blocked on additional drives

    I recently had an issue with my Mac Pro with Leopard where it was stuck in boot loop. I followed the fix of using the disk utility off the Leopard disk to repair permissions and everything seemed to be fixed. Then, for no reason I can think of, after using Compressor to batch process some audio files and copying them to one of my extra internal drives, I lost my write access for all 3 of my extra internal drives. If I try and copy or delete a file on these drives I am prompted that I do not have sufficient access priviliges and I am ask to authenticate. If I choose to do so, and enter my admin password, I receive another error message stating it could not complete.
    If I check my account for admin rights and read/write access for these drives, I don't see my Account under Get Info. If I try and add myself under the Get Info window nothing happens, the account isn't added.
    I read this discussion but the person really didn't explain what they did to fix the issue:
    http://discussions.apple.com/thread.jspa?threadID=1282290
    I was curious if anyone had a quick to do list ofr getting this problem fixed?
    Cheers,
    -E

    Other users on your iMac can easily right-click on the external hard drive icon, get info and check the "Ignore ownership on this volume". Then everyone can read and write on the backup drive which probably isn't what you want. Theoretically, only users with admin rights can check that box, but there's plenty of ways to circumvent this.
    If you want to restrict access more, lauch Disk Utility and create a new Read/Write disk image with encryption on the external drive. This will take some time to create and ask you for a password. I'd recommend a strong password (use the password generator that pops up) and let it be stored in your keychain. This way, Time Machine won't ask you to enter the password to back up or enter time machine. You should write down that password though in case the internal hard drive fails or your home folder (including the keychain) gets corrupted. You will be required to enter the password to do a full restore from Time Machine.
    The downside of this is that the other users of your iMac can't use Time Machine at all.
    Per default, the Time Machine rights are so that you can only access your own home folder plus the shared and public folder (and other non-standard folders within anyone's home folder as it has no specific access rights). Try logging in from another account or the guest account and see if you can access your user account's backup files in, say /Documents. It should deny access and not even reveal the folder's contents.

  • Safari won't let me log into ATT wireless on my iMac

    I can get through on windows explorer but not safari. It goes into a loop. My # is already in the wireless box and I add password and it thinks for a minute and then returns with an error message to add phone number? any help would be welcome

    I can get through on windows explorer but not safari. It goes into a loop. My # is already in the wireless box and I add password and it thinks for a minute and then returns with an error message to add phone number? any help would be welcome
    Could be the keychain is corrupted..
    Quit Safari.
    Open Keychain Access  /Applications/Utilities
    Select Passwords on the left.
    Type   AT&T   in the search field to locate that keychain(s).
    Then right or control click the keychain(s), click Delete.
    From the Keychain Access menu bar click Keychain Access > Keychain First Aid. Click Verify, if necessary, click Repair.
    Relaunch Safari. From the Safari menu bar click Safari > Preferences then select the Autofill tab.
    Make sure User names and passwords is selected.
    Now select the Privacy tab in Safari > Preferences. Click Details. Type  AT&T  in the search field then click Remove All > Done.
    Now disable the Lion resume feature. 
    Open System Preferences > General
    Deselect:   Restore windows when quitting and re-opening apps
    Restart your Mac, try logging into the AT&T site.

  • MacBook pro 10.6.5 Wi-Fi problem

    I have MacBook pro 17 2.33Ghz, after update 10.6.5 and rebooot mbp don't connect to Wi-Fi. Always say "connection timeout". On 10.6.4 all work fine.

    sasa43 wrote:
    Try to flow the steps in this article:
    http://support.2wire.com/?page=view&article=46
    It doesn't matter if you have different kind of router, it's the password in your keychain got corrupted.
    Let us know!
    sasa43
    I tried that. Hope it helps.
    Before my try I've checked kernel.log:
    *Nov 18 15:21:31 prostart kernel[0]: Auth result for: 48:5b:39:xx:xx:xx MAC AUTH succeeded*
    *Nov 18 15:21:31 prostart kernel[0]: AirPort: RSN handshake complete on en1*
    *Nov 18 15:25:31 prostart kernel[0]: Auth result for: 48:5b:39:xx:xx:xx MAC AUTH succeeded*
    *Nov 18 15:25:31 prostart kernel[0]: AirPort: RSN handshake complete on en1*
    *Nov 18 15:33:31 prostart kernel[0]: Auth result for: 48:5b:39:xx:xx:xx MAC AUTH succeeded*
    *Nov 18 15:33:31 prostart kernel[0]: AirPort: RSN handshake complete on en1*
    *Nov 18 15:41:31 prostart kernel[0]: Auth result for: 48:5b:39:xx:xx:xx MAC AUTH succeeded*
    *Nov 18 15:41:31 prostart kernel[0]: AirPort: RSN handshake complete on en1*
    that was moments when wifi got dropped.
    Will see. Thanks!

  • ARD no longer shows "control computer", only "screen sharing avail"??

    I have been running ARD for well over a year on my iMac to manage several servers that are located far away from me.
    I normally use the "copy" feature to push new zip files of our Web site to the server when it is updated. When logging into ARD today, I noticed all the servers are no longer showing "Control". Instead they all have "Screen Sharing Available" listed in the current status column. When I go to copy my files from my local machine to the servers, I get an error: "This Task Will Fail - The remote desktop software is not active on www.servername.com".
    However if I select a server and then click the control button, I can still connect to the server fully and work with it?
    This has never happened before and I am at a loss as to the issue. I have had some changes to my local setup recently that may be the cause of the problem.
    1) Linksys router died, replaced it with a Apple Airport Extreme.
    2) Keychain got corrupted. Deleted the login.keychain file to rebuild a new one.
    I have restarted my iMac several times, and even restarted the servers to see if this would clear up the problem. No luck.
    If I try and drag-copy my zip files to the servers from my local machine after connecting via ARD, the window that asks if I want to send the file ignores my click on the "send" button and does nothing? Before this problem occurred I could easily drag-copy items.
    Does anyone know what could be causing this to occur or how I can reset/fix my ARD clients and servers?

    Okay I have figured out part of the problem and fixed it, although one issue still persists.
    I fixed the "Current Status" issue for my servers by adding port 5900 & 3283 to the port forwarding settings in my Airport Extreme via the Airport Utility application. I don't remember having port forwarding turned on for my (now dead) Linksys router, but I could be mistaken.
    Now I have a different problem. When I go to "copy" a file from my local machine to a remote server, I get a message that says "This task will fail: A console user is not logged in on www/servername/com"
    If I log into that computer first, I am able to copy items, but I remember being able to copy items to my remote servers before without having to first sign into them? Am I mistaken on this or have I uncovered another problem?
    Any help appreciated.

  • Home network connection question

    Why do you suppose that I'm always prompted for my password when I get on my home network? Same network, same password, etc. the only difference is that this didn't start until I switched from Tiger to Leopard.

    Perhaps your keychain became corrupt. Keychain management app is in your Utilities folder.

  • Constant Mail password problems...

    Always asks for password even though I 'save' option when entering password. Have gone into Key chain and redone all mail pasaswords. Reinstalled Mail. This has been going on for years with all my 15 or so Macs- not some new strange thing that just started. Always had problems with Mail passwords. Is there a definitive handle for this crappy app? Even if it was just a once a week handling, that would be better than every time I try and get Mail it asks for passwords! What a waste of our time!
    Dual 2.5 G5   Mac OS X (10.4.9)   6.5 GB
    Dual 2.5 G5   Mac OS X (10.4.9)   6.5 GB

    I just had the same problem but not only with mail - with all my apps. Seems the keychain got corrupt somehow. I called tech support and here's what they walked me through which worked for me - hope it works for you.
    1) Completely quit all your apps except for Finder and Dashboard
    2)Go to: Macintosh HD > Users > (Your Home Folder) > Library Folder
    Delete the Keychains Folder
    3) Then go to: Macintosh HD > Users > (Your Home Folder) > Library > Preferences Folder
    Delete file named com.apple.keychainaccess.plist
    4) Restart your computer
    Once you've booted back up test it out by opening Mail. It will ask you for the password once more, since you're basically starting a new keychain from scratch. Be sure the password is correct before you click the "Save Password in Keychain" box. I was told conflicting passwords is most likely what caused mine to become corrupt.
    Good luck, I hope that helps.
    iMac Intel Core Duo   Mac OS X (10.4.9)  
    iMac Intel Core Duo   Mac OS X (10.4.9)  

  • Access rights on external usb drives gets reset.

    Hi!
    I use external usb-drivers for backup. I don´t wont other users on my iMac to access this drives, so I have set the access rights for "Everyone" to *"no access"*.
    This works as intended, for a while... But for no reason what so ever, the access rights get´s reset to *"Read & Write"*. This might happen after a day or two..
    Anyone experienced the same? Anyone know why this happens, and maybe have a solution to this problem?
    Best regards
    Geir.

    Other users on your iMac can easily right-click on the external hard drive icon, get info and check the "Ignore ownership on this volume". Then everyone can read and write on the backup drive which probably isn't what you want. Theoretically, only users with admin rights can check that box, but there's plenty of ways to circumvent this.
    If you want to restrict access more, lauch Disk Utility and create a new Read/Write disk image with encryption on the external drive. This will take some time to create and ask you for a password. I'd recommend a strong password (use the password generator that pops up) and let it be stored in your keychain. This way, Time Machine won't ask you to enter the password to back up or enter time machine. You should write down that password though in case the internal hard drive fails or your home folder (including the keychain) gets corrupted. You will be required to enter the password to do a full restore from Time Machine.
    The downside of this is that the other users of your iMac can't use Time Machine at all.
    Per default, the Time Machine rights are so that you can only access your own home folder plus the shared and public folder (and other non-standard folders within anyone's home folder as it has no specific access rights). Try logging in from another account or the guest account and see if you can access your user account's backup files in, say /Documents. It should deny access and not even reveal the folder's contents.

Maybe you are looking for