Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

An AppleScript to batch update Keychain passwords System
I use my personal PowerBook at work and have accumulated many Keychain entries for network shares, email and VPN access. Company policy is that passwords must be changed every 30 days, so once a month, I have to go through my login keychain (in Keychain Access) and update every keychain entry to use the new password.

Updating 100+ passwords manually finally became too tedious, so I've AppleScripted a solution. As Keychain Acces is not a scriptable application, this solution uses UI Scripting, and "Enable access for assistive devices" must be enabled in the Universal Access System Preferences panel.

The script prompts the user for the old password to replace and the new replacement password, and then proceeds to open every keychain item and will require user assistance to show the associated password. If you know a specific keychain item is not applicable, you can choose "Deny" and the script will continue. Otherwise, you will need to enter the password for your login keychain and then "Allow Once," or "Allow Always" if you want the password immediately accessible in the future. (It would be really nice if there were a sudo-like timeout so that you could enter your login password once in a session (or once for five minutes) and edit all that keychain's items.)

Only matching passwords will be modified.

[robg adds: I haven't tested this one...]
    •    
  • Currently 2.50 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (2 votes cast)
 
[10,987 views]  

An AppleScript to batch update Keychain passwords | 7 comments | Create New Account
Click here to return to the 'An AppleScript to batch update Keychain passwords' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
An AppleScript to batch update Keychain passwords
Authored by: adrianm on Sep 21, '05 12:04:27PM
Does app "Keychain Scripting" allow scripting of keychain?

[ Reply to This | # ]
An AppleScript to batch update Keychain passwords
Authored by: lrosenstein on Sep 21, '05 01:42:29PM

The separate Keychain Scripting application is the way to go. It provides good scripting support for keychains.



[ Reply to This | # ]
An AppleScript to batch update Keychain passwords
Authored by: my_breath_smells on Sep 21, '05 02:32:53PM

Where is Keychain Scripting? I can't find it on my Tiger system (yes, I've used spotlight).



[ Reply to This | # ]
Excellent
Authored by: jscotta on Sep 21, '05 06:29:35PM

Combine Keychain Scripting app with a one of the password generation applications and that would make keeping a huge number of passwords different and powerful with a minimum of fuss. Of course, you would need to be able to script the various applications to automate the actual setting of the passwords in the secured application.

---
Windows because I have to. OS X because I want to.



[ Reply to This | # ]
An AppleScript to batch update Keychain passwords
Authored by: stevanreese on Sep 21, '05 02:54:30PM

/System/Library/ScriptingAdditions/Keychain Scripting



[ Reply to This | # ]
An AppleScript to batch update Keychain passwords
Authored by: baltwo on Sep 21, '05 06:39:58PM

Also, see the thread at http://discussions.info.apple.com/webx?13@61.N8pxaXefTWh.0@.68b66074/8 WRT to scripting the keychains.



[ Reply to This | # ]
An AppleScript to batch update Keychain passwords
Authored by: covisp on May 23, '07 12:56:34PM

That links doesn't appear to work.


---
http://www.covisp.net



[ Reply to This | # ]