password safes for mac

Jerry Leichter leichter at
Tue Jun 30 06:37:39 EDT 2009

On Jun 28, 2009, at 4:05 PM, Ivan Krstić wrote:
>> Does anyone have a recommended encrypted password storage program for
>> the mac?
> System applications and non-broken 3rd party applications on OS X  
> store credentials in Keychain, which is a system facility for  
> keeping secrets. Your user keychain is encrypted with your login  
> password....
Which brings up a question I've had about keychain:  Keychains can be  
synced across Mobile Me, and the login passwords of different machines  
that sync their keychains don't have to be the same.  How is the key  
transformation accomplished?  Does the central server know all the  
login keys?  Or ... what? It's all very convenient, but the security  
implications scare me.

Note that for all other keychains, there's no problem just syncing the  
encrypted keys, since you have to explicitly enter the password at  
each machine to unlock the keychain.  (I put all my high-value keys in  
secondary keychains for this and related reasons.)
                                                         -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list