Create a physical, removable USB-based Keychain

May 27, '03 09:22:00AM

Contributed by: launchpad

Taking a page from the good folks over at 2600.org, I've made the Keychain a physical key that has to be plugged into your computer to have access to all your passwords, using a USB hard drive (those little 16 to 128MB drives that start at around $30). It's cool, and it does add a bit of security to your system in case your laptop gets stolen, or your computer crashes and you lose all your passwords.

What you do is insert your USB drive into your USB slot, and copy your existing Keychain file over to the USB drive (in your home directory, ~/Library -> Keychain). Open up Keychain Access (/Applications -> Utilities -> Keychain Access), and go to File -> Add Keychain. Navigate to your USB drive, and select your keychain file. Once done, remove your old Keychain file from your Keychain folder, and voila, you have a removable Keychain (you might want to keep a backup of your keychain file though, just in case!).

Every time you log in, plug in your USB drive; for the best results, I usually plug it in before the computer has finished booting. The first time you use a program that accesses the Keychain, it will ask to unlock your keychain password; type the password in, and your keychain works from your USB drive.

The caveats I've discovered are this: to unplug your USB drive nicely (i.e. eject it from the desktop using the OS), you have to log out. Mind you, when I put my debugger hat on, I just unplugged the USB drive without doing it nicely all the time, and I haven't had a problem yet. Also, any programs that you have booting as a login item (like MSN messenger) will not work using the USB Keychain, because it seems the drive gets mounted after the login items are run.

I don't know if everyone will find it useful, and it's definitely not as technical as a lot of the articles I've read around here, but I've used macosxhints as a resource enough, I thought I'd contribute an idea.

Comments (36)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20030523192222638