On Jun 27, 2009, at 6:57 PM, Perry E. Metzger wrote:
Does anyone have a recommended encrypted password storage program for the mac?
System applications and non-broken 3rd party applications on OS X store credentials in Keychain, which is a system facility for keeping secrets. Your user keychain is encrypted with your login password, and items in it have application-level ACLs ("this credential can only be read by these applications"). The definition of "application" for the purpose of Keychain ACLs is derived from OS X code signing, so if someone tampers with one of your apps on disk, the resulting application won't get access to Keychain until you explicitly approve it.
You can inspect and modify your keychain with the Keychain Access application, which also allows you to add your own items.
-- Ivan Krstić <krs...@solarsail.hcs.harvard.edu> | http://radian.org --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
