Blog Home > Authentication Security > OS X Password Manager – Keychain Access Redemption

OS X Password Manager – Keychain Access Redemption


OS X password managerSeriously: what is the deal with the buzz surrounding an OS X Password Manager? I’ve been working on a Mac every day for almost a year now, and let me tell you – it’s a strange experience.  I’ve spent the majority of my life fixing, building, and using Windows machines, with Macs pushed off to the periphery somewhere.  I never really knew why – I just always preferred Windows over Mac. For its part, however, Mac is fantastic at providing a large array of services and capabilities without bloatware and any excess confusion.  The one thing that still doesn’t seem up to par, however, is finding a decent OS X password manager (SPOILER ALERT: It totally exists already, free of charge).

Now, don’t get me wrong here:  I’ve come to enjoy using my Macbook Pro very much – I get a lot of work done, I almost never hear the internal fan, and the only times this machine has crashed on me is when I’m running graphic design programs alongside remote desktop and editing programs – and that’s mostly because I’m impatient.

Honestly, it is no wonder why Mac OS X has seen an uprising in market share in recent years: they really are exceptional at functioning appropriately.  This, however, leads to a multi-platform environment, and that can be a nightmare for most IT departments to handle – especially when it comes time to find a decent OS X password manager, or the equivalent.  Joining the Mac machines to an Active Directory can help alleviate that stress/increased workload (I’ve written a White Paper that actually discusses this in more detail – check it out here), but that is just the beginning.  You know, there is a perfectly good reason why Apple has entirely devoted positions to supporting their own proprietary hardware – it’s not always easy!

In a world of password-driven security, however, a good OS X password manager is a critical necessity that most people either ignore completely, or become frustrated with all too quickly.

Built In OS X Password Manager – Keychain Access

To be honest, after using my Mac for so long (I’ve gone through multiple Updates, from Snow Leopard to Mavericks, Yosemite, and now, finally, El Capitan), I am baffled by the continued popularity of a request for a decent OS X password manager: it comes built in!

Of course, we have talked about this before – but Mac operating systems come equipped with iCloud Keychain Access – the Keychain for short.  In terms of password management, the Keychain acts a preinstalled password vault; whenever you type in a password, Keychain offers to save it locally to reduce the need to remember multiple strong passwords.  It is a useful feature, to be sure, but as an OS X password manager, it is not without its own flaws.

(Bonus:  Keychain Access also provides the capabilities to generate completely random, strong passwords to use on new websites)

Perhaps the biggest flaw is what happens when a user forgets the default password (as most of us are wont to do).  Worse still, if the account is actually synchronized with a network/Active Directory, changing the network account password DOES NOT change the keychain password, and the user must continually verify the keychain password to continue to benefit from its capabilities.  Even Apple states that, should the user not remember the original password for the keychain, the only recourse is to delete the keychain, along with all of the passwords stored within, and start over.

Nothing against Apple, but that’s not a solution – it’s a copout.

The Solution

Sure, you can always shell out for ANOTHER password manager and kick the Keychain to the curb altogether, but why not work with what you have?  For environments that require cross-platform password management capabilities, PortalGuard can be the solution that provides a simple method of joining Windows and Mac machines in one environment, without any added issues with password management.

Specifically, PortalGuard provides Self-service Password Reset functionality across both platforms, with a specific integration point for the OS X password manager fiends out there: password recovery.

By integrating PortalGuard within a cross-platform environment (or a Mac only one – we don’t judge!), you can get all of the default benefits of your existing OS X password manager, without all of the kinks.  Users can recover their existing password in plaintext, and go about resetting/updating as necessary without any extra hassle.

That’s not a copout or a stop-gap – that’s a real solution.


But hey, if you’re not convinced that the Keychain is a useful OX X password manager, let me know in the comments below! I’m always up to new ideas.

Password Reset

Please follow and like us:
Christopher Perry

Author: Christopher Perry

Christopher is a Technical Support Engineer and content generator here at PistolStar, Inc. He has a Master’s Degree in English from SUNY Albany, and enjoys reading and writing about all things: especially poetry, science fiction and fantasy. Christopher’s daily tasks see him using his customer service and IT experience to improve written content for PistolStar, Inc., while working with customers to provide the best experience possible.

Leave a Reply

Required fields are marked *.

Main menu