Keychain Access on the Mac is a great tool for storing passwords (which means fewer to remember). However, did you know it can do much more, such as store strong private notes and certificates?
Keychain is the password management system that was introduced with Mac OS 8.6 and has been included in all subsequent versions of Mac OS X and macOS.
Keychain Access is the app that stores your passwords and account info.
When you access a website, email account, network server, or other password-protected items, you’ll probably be given the option to remember or save the password. If you choose to save the password, it’s saved in your keychain; this means you don’t have to remember or type your password every time.
What’s more, you can use Secure Notes in Keychain Access to securely store confidential data. And it doesn’t have to be Mac or online-related data. You can store personal identification numbers (PINs) for a bank account, credit card numbers, confidential notes, cryptographic keys, and just about any item you want to access occasionally but still keep private.
To Create a Secure Note
- Launch the Keychain Access app and select Secure Notes
- Choose “File > New Secure Note Item”
- Type a name for the note
- In the Note field, type, or paste the information you want to preserve
- Click Add
To View the Contents of a Secure Note
- In the Keychain Access app on your Mac, select Secure Notes in the Category list.
- Double-click the note, then select Show Note.
- You’ll be asked for your keychain password if you haven’t selected “Allow all applications to access this item” in the Access Control pane.
- Type your login password to see the note, then click “Allow” or “Always allow.”
- If you want this note to be secure, don’t click “Always allow.”
You can also use Keychain Access to manage certificates. A public-key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the ownership of a public key. They’re issued by trusted organizations to validate websites, digital documents, and other web-based materials.
A certificate is only good only for a limited time before expiring. At that point, it has to be replaced with a newer version. The certificate authority can also revoke a certificate before it expires.
If you need to send a certificate to someone, you can export it using Keychain Access and then send it through email or by other means. Likewise, if someone sends you a certificate, you can add it to your keychain by dragging it onto the Keychain Access icon, or by using the Import menu in Keychain Access.
In the Keychain Access app on your Mac, select My Certificates or Certificates in the Category list.
Finally, you can also use Keychain Access to manage Keys, which, like Certificates, are data used to ensure encrypted communication with websites and services. You’ll probably never need to mess with ‘em.
However, if you want to be ultra-cautious, you may wish to delete all of your keychain info before selling or giving your Mac to someone else. Or you could do this if you’ve forgotten a password.
To Delete a Keychain
- In the Keychain Access app on your Mac, if keychains are hidden, choose “View > Show Keychains.”
- Select a keychain in the Keychains list
- Right-click and choose “File > Delete Keychain [keychain name]”
- Click Delete References
To Recover a Keychain
You can recover an item in a deleted keychain if you wish. Perhaps you deleted a keychain because you forgot the password, then remember your password later, you can recover the items in the deleted keychain.
- In the Keychain Access app on your Mac, choose “File > Add Keychain”
- Select the deleted keychain file