What is iCloud Keychain and how does it work?

Managing passwords and other personal data on multiple devices is complicated and difficult. Keychain is Apple’s attempt to make it easier. iCloud Keychain keeps your account names and passwords and other sensitive data safe and secure on your Mac, iPhone or iPad. Moreover, these details are synced between all your devices making it effortless to access the data you need. In this article, we will address the iCloud keychain in more detail and explain how it works. 

What is iCloud Keychain?

Have you ever used Safari on your Mac to create an account on a website and seen a message offering to create a secure password and store it for you? That’s Keychain. iCloud Keychain is the name Apple gives to the process of syncing Keychain data with all the devices connected to your iCloud account.

The Keychain can store passwords and usernames – if you manually type in account details on a website that’s not already stored in Keychain, it will ask if you want to store them so they can be filled in automatically next time. The Keychain can also store and autofill login details for apps in iOS, and for devices like your Wi-Fi router or any network-attached storage devices or servers you log into. And it’s thanks to Keychain that you can store credit card details and autofill them on shopping websites.

Tip

iCloud Keychain is, no doubt, a secure password manager. But, there’re other ways to steal your data without even accessing the iCloud Keychain. For example, connecting to open Wi-Fi hotspot you expose your Mac to the risk of a Man-in-the-Middle attack. It’s the type of attack when the hacker intercepts the data you send from your computer to a website/service. Avoid open networks and remove them from the Preferred Network lists using CleanMyMac X. This Apple-notarized software helps to keep your Mac clean and secure. Once you install and launch CleanMyMac X, choose the Privacy tab and scan your Mac for saved networks that are unsafe.

How does iCloud Keychain work?

There are a couple of different elements of iCloud Keychain: the bit that stores and syncs login details and credit card numbers, and the bit that generates passwords.

When you create an account for a website on your Mac, for example, Safari asks if you want to store your login details. If you agree, it will add them to its database. That database is encrypted and can only be accessed when you are logged into your Mac. The data in the database is synced using iCloud so you can use it on your other devices, where you’re signed in. 

If you go to the same website on an iPhone or iPad, it will offer fill in the details. But, because the database is encrypted, you need to authenticate using your passcode, TouchID, or FaceID.

How to access iCloud Keychain passwords in Safari? 

If you want to see what’s stored in iCloud Keychain on your Mac, you have two options, Safari and Keychain Access.

Here’s how to access your passwords in Safari:

  1. Go to Safari ➙ Preferences and click on the Passwords tab.
  2. Type in your user password.
  3. Scroll through the list of accounts until you find the one you want, or use the search bar to search for it.
  4. When you find it, click on it to reveal its password.
  5. If you want to delete it, press Remove.
  6. To manually add a new account, press Add. 
  7. If you want to see which credit card details are stored in iCloud Keychain, choose the AutoFill tab and press Edit next to Credit cards.
How to access iCloud Keychain passwords in Safari

How to manage your passwords in Keychain Access?

Keychain Access is an app in your Utilities folder that displays all the data stored in iCloud Keychain.

  1. Go to Applications ➙ Utilities and double-click Keychain Access.
  2. Choose iCloud in the sidebar, then Passwords.
  3. Unlike Safari, Keychain Access doesn’t just show account details for websites, but for everything you have an account for, including NAS drives and Wi-Fi routers.
  4. Keychain Access can also store secure notes. Click on Secure Notes, then the ‘+’ button to create one. 
How to manage your passwords in Keychain Access

Can your iCloud passwords be compromised?

While no system is perfect, iCloud Keychain is as secure as it should be. Your data is protected by end-to-end encryption using 256-bit Advanced Encryption Standard encryption. Data can’t be accessed by Apple, or anyone else while it’s in transit between your devices and Apple’s servers. It’s encrypted while it’s stored in iCloud. A unique key, derived from information about the devices and your passcode, protects data on in the iCloud Keychain making it impossible for anyone, except you, to access it.

What are the risks?

End-to-end encryption requires two-factor authentication. So if you don’t have that switched on, your data won’t bu fully protected. Also, to keep your data secure, you should make sure you are always running the latest version of iOS and macOS. 

The other risks are related to you, the user. While malware can’t compromise the encryption used to secure your data, it can trick you into giving away passwords or other data, and use that to gain access to your iCloud account. 

And, if you’re unlucky enough to download a keylogger virus, you will be particularly vulnerable. That’s because keylogger viruses record the keystrokes you type, including your user password when you use iCloud Keychain, and will then have access to all your passwords. So, you should scan your Mac for malware regularly, to make sure it’s clean. My favorite way to do that is to use CleanMyMac X’s malware module. It’s really easy to use, scans my Mac for malware with one-click, and means I don’t have to install a separate anti-malware app. It also removes keylogger viruses. It’s free to download and try out. So why not download it and give it a go?

CleanMyMac X’s malware module

iCloud Keychain is a great tool for storing usernames and passwords securely, and for auto-filling credit card details on various websites. It allows you to use long, difficult to guess passwords without having to write them down or store them insecurely. You can use the Keychain Access utility on your Mac to manage the data it stores, and create secure notes. 

As you for, security measures, make sure you have two-factor authentication enabled. It is also necessary to check your Mac for malware occasionally to avoid keyloggers and other malicious programs that may steal your sensitive data.

CleanMyMac X CleanMyMac X
CleanMyMac X

Your Mac. As good as new.