Keychain password: What is it, how to find and change it

visualisation of the keychain access logo on a mac

Thanks to password managers, the days of having to remember your password for every website are over. Apple Macs have one of the https://www.itpro.com/software/368077/best-password-managers-in-2022/best password managers available—Keychain Access, which stores all your passwords securely and will automatically fill them in when you are asked for them by a website.

Because it’s handled automatically, most Mac users will very rarely open the actual Keychain Access app. So in this article, we’ll explain everything you need to know about your keychain password—what it is, and how it can be changed.

What is Keychain Access and how does it work?

the Keychain Access app user interface

The Keychain Access app stores all your login credentials (Image credit: Apple)

The keychain password is a kind of master password. When you add a new password to your keychain, as you are prompted to do when you log in to a new website, you are giving your Mac permission to store and manage it. This means that, the next time you go to this website, your computer can fill the password in automatically. This process is managed through an app called Keychain Access.

As well as saving you time typing out your passwords, the keychain is a very useful tool when it comes to keeping your data secure. The fact that you don’t need to remember all your passwords means that you can use more complex, stronger passwords, and can avoid using the same one for multiple accounts.

You can open Keychain Access from your Applications menu, or by clicking on Spotlight (the magnifying glass icon that’s always in the top right corner of your screen) and typing Keychain.

Within the app, you’ll see your list of keychains—groups of login details linked by a keychain password. By default, you’re likely to see four: Login (most online accounts linked to this device), iCloud (accounts stored in the cloud and accessible on your other Apple devices), System (passwords, certificates, and keys for Wi-Fi networks you access), and System Roots (just certificates). You can also create a new keychain if you want to store a certain group of passwords under its own keychain password.

If you find your Mac asking you for your keychain password, which can happen when using or changing saved passwords, you may want to know what that password is and how to change it.

How to find your keychain password

The simple answer is that the password for all four default keychains will be the same as the user password you use to log in to your Mac. With recent Mac updates, these keychain passwords have become locked to the user password, so it is no longer possible to change one without changing the other. If you have lost your user password, you should look to Apple support’s advice for resetting it.

However, you may find your keychains’ passwords differ from your user password if changes were made to either before these updates came into place. If this is the case, then there’s no way to recover the keychain password, but you can reset it—see Method 3 below.

Method 1: Change the keychain password by changing your user password

Apple's user password pop-up

Your keychain password is usually the same as your Mac’s user password (Image credit: Apple)

The simplest way to change your keychain password is to change your user password, since by default they are the same. Your keychain password will be changed whenever your user password is changed.

In System Preferences, go to Users and Groups, select your account, and click Change Password. You will be prompted to enter your old password before choosing a new one. This new password will be the one to use next time you use Keychain Access to view a password.

Method 2: Change passwords for custom keychains

Keychain Access app's settings for changing password

You can only change the passwords of custom keychains from within the Keychain Access app (Image credit: Apple)

Within Keychain Access, you can’t change the password for the default keychains like Login and iCloud, but you can create custom keychains and set a separate password for these.

RELATED RESOURCE

Cyber resiliency and end-user performance

Reduce risk and deliver greater business success with cyber-resilience capabilities

FREE DOWNLOAD

Open Keychain Access through the Applications menu or through opening Spotlight and typing Keychain. To create a keychain, right-click on the left-hand menu and select New Keychain. You can set a name and password for the new keychain.

With this new keychain open, you can add keychain items—which consist of a web address plus a username and password with which to log in to that website—using the pen and paper icon in the top right.

You can change the password for a custom keychain at any time by right-clicking on it under the Custom Keychains section on the left-hand menu, and clicking “Change Password for Keychain _____.”

Method 3: Reset your keychain password if you have lost it

keychain access app's preferences menu

You can reset your Keychain from the Keychain Access app (Image credit: Apple)

If you don’t know what your keychain password is and it’s not the same as your Mac’s user account—which could be the case if you changed one of them before Apple’s updates stopped you from changing one but not the other—then you will have to reset it.

Open the Keychain Access app. In the menu bar at the top of the screen, click on Keychain Access and then select Preferences. A pop-up window will appear. In this, click Reset My Default Keychain.

All your stored usernames and passwords will be deleted, but you should be able to access your keychain, as the password will have been reset to your Mac’s user account password. You may need to log out of your Mac and log back in for these changes to take effect.

Summary

Apple’s Keychain Access is a very useful tool that makes logging in to your various online accounts quicker and easier.

Since the password for your default keychains is linked to your Mac user account, the way to change the keychain password is to change the user password. However, for more advanced password management, you may want to set up custom keychains.

Keychain Access isn’t the only password manager tool available. If you want to see what other options are on the market, see our guide to the best password managers.

Alex McOmie

Alex is a writer focused on providing insightful, actionable content that can truly change the way readers approach their finances. Alex has been writing as a freelancer for several years on a variety of topics including marketing, parenting, and customer relationships along with personal finance. He’s particularly interested in the way seemingly small adjustments can transform a person’s financial outlook.