Mac asking for multiple "login" keychain app passwords but won't accept them
Solution 1:
If you mean annoying popups such as:
X wants to use the "login" keychain. Please enter the keychain password.
you need to type your correct keychain password (usually it's the same as your login password, unless you've changed it).
It happens, because different mentioned services (see the list via: sudo launchctl list
) trying to access your credentials which are encrypted and stored using Keychain (e.g. in ~/Library/Keychains/
) and your login.keychain
file is encrypted with different password than specified.
It's not likely you can fix it without specifying the right password, however you can try the following options (which can give you some clues):
-
You may want to disable specific services from accessing your keychain, e.g.
sudo launchctl list
sudo launchctl stop <job label>
Run Keychain Access from Utilities and invoke Keychain First Aid from the menu to verify consistency of your keychain configuration.
- Run Disk Utility and invoke Repair Disk/First aid in case there is any temporary glitch (from corruption of the file).
- Check your
~/Library/Keychains/login.keychain
, such as size, the last modified date and time (which can lead you to specific changes on that date) or any potential backups in that folder or somewhere else (login.keychain
). -
Try unlocking your keychain file from the command line:
$ security unlock-keychain ~/Library/Keychains/login.keychain
Using
-p
you can specify the password on the command line, so if you have list of potential valid password, you can write small brutal-force script.Try the same on older
login.keychain
files if you've to verify that it worked. -
Try dumping the content of keychain from the shell, e.g.
- Try
security dump-keychain
command which can be used to dump the contents of a keychain. -
Try
keychaindump
command which can read keychain file by hunting for unlocked keychain master keys located in the memory space of the securityd process, and uses them to decrypt keychain files.$ sudo ./keychaindump ~/Library/Keychains/login.keychain [*] Searching process 16 heap range 0x7feec8c00000-0x7feec8d00000 [*] Searching process 16 heap range 0x7feec8d00000-0x7feec9000000 [*] Searching process 16 heap range 0x7feeca000000-0x7feeca400000 [*] Found 4 master key candidates [*] Trying to decrypt wrapping key in ~/Library/Keychains/login.keychain [+] Found master key: XYZ [+] Found wrapping key: XYZ
Try the EnCase's
dumpkeychain
application, which works similar as above, see: Examining Mac OS X User & System Keychains.
- Try
Restore your
~/Library/Keychains/login.keychain
file from Time Machine or somewhere else, and unlock it manually (security unlock-keychain <file>
).- In Keychain Access Preferences try Synchronize login keychain password with account, however if you're not remembering your password, it rather won't help.
- The last resort would be to do Reset Default Keychain in Keychain Access Preferences which would revert it to factory defaults and create a new empty "login" keychain and your current default keychain will be moved aside, but not deleted. That means all remembered passwords are gone unless you've some of them remembered in the web-browser, but you can start storing them from scratch.
Solution 2:
Picking apart a failed keychain can be really problematic and fraught with persistent pop ups demanding passwords. You also run the risk of locking that account online with all the failed log in attempts.
Do you have a backup of the system from before the damage was done? If so, copying any new files (spreadsheets, photos, etc...) off the drive and wiping and reinstalling is often easiest.
If that's not an option, consider starting a backup. That will give you peace of mind that no matter what you try, you'll not lose any more files and data.
I would read how to make a new admin user - but don't delete any users yet, and if that is something you care to try - you can start backup and secure the files even if you need to wipe the account and just restore the files.
If you don't think you're up to making a new admin account - seek help - first from AppleCare or a local Apple store and/or someone that's tech savvy / local technician as fixing this will require some tools that could inadvertently lose your data.
Solution 3:
I had something very similar happen today on a virtual new install of Yosemite. I usually leave my MacPro running so I was surprised to see it was turned off this morning. I turned on the computer and logged in and checked some email and then logged out to run some errands.
When I returned some aspects of the login screen looked a bit off, but didn't pay to close attention. Login generated the series of pop up keychain access requests. I clicked cancel everytime and noted the following sequence of requests subjects: First little pig said, "give me access to CalendarAgent" second wanted "com.apple.iCloudHelper.xpc" ; next pig wants "minilauncher keychain login; next pig says, "give me access to MessageAgent; next wanted "accountsd" that was the miss spelling; next wanted "cloudd";; loop starts again.
I forced shutdown and did a "SafeBoot" no annoying piggies, but some anomiles and could get System Prefs for Display to function properly no option to rotate.
I checked the Security Prefs and the firewall was on, I unlocked and made some adjustments to apps allowed to access, I was surprised to see that iTunes was blocked, changed to allow and then turned Firewall on and locked it. Went back to display but no joy.
Did a shutdown command under black apple. Let machine sit for a while. Unplugged MacPro power cord waited, replugged and did a normal startup.
Login screen seemed somehow more normal. Signed in; went to display pref and reset to my standard settings for a dual monitor one landscape/ one portrait at different resolutions.
Computer seems to be working normally. I didn't really do anything other than the SAFEBOOT which does do some background tests and some resets/adjustments.
My best advice is to never give in to any requests you don't understand or seem out of place. First try SAFEBOOT, then a reset of PRAM, and a reset of the SRM which is the unplug from power.