In Keychain there are 19 Airport program passwords connected to unknown account. The names of those accounts are suspect to be modems / routers, e.g. UPC3726xx or SpeedTouch535Exx. I can check out all passwords of these accounts. The column 'Date Modified' shows the submission of these account within a few seconds.
I wonder what's going on. Does this indicate that my network is not secure?
Kind regards.
The image above is from the Keychain app on my Mac mini. At the time I took this screenshot, I had three AirPort base stations on the local network:
You will notice that each of these base stations have an AirPort base station password. This is the same as the base station's administrator password. Only the TC has multiple AirPort Disk passwords. That is because, the TC is sharing its internal hard drive over the network using both the AFP & SMB file sharing protocols. Both of these passwords are unique to the Apple base stations.
One thing to understand is that even if you no longer have one (or any) of these base stations any longer, these passwords still reside in your Mac's Keychain database. They are not automatically removed.
The rest of the list is found either as 'Program Password' or 'Airport-network Password'. None of them are listed as AirPort base station password' or 'AirPort Disk password'.
... and that is what you would expect for non-Apple routers.
Which version of OS X or macOS is your Mac running? (Note: The image I provided is from macOS Mojave, the currently latest version of Apple's operating system.)
The following article may be helpful in understand how the Keychain works:
Unfortunately, I haven't got a clue where to look for the information about modem, router, switches, etc. Can you please inform me where to look for these data?
First, is this network you home network or a network that you connect to at another location? Equally unfortunate, would be how to tell you how to determine this easily as it would be different on the networking equipment's manufacturer.
Going back to network security, if this is your own wireless network, then if that network is configured to use WPA2 wireless security and you change your wireless network's password periodically, then it should be as secure as it possibly can be at this point in time.
It's a home network, once in a while I connect to a government network.
I'm going to guess that either you connect to the government network remotely using a VPN or that you physically connect while present it a government location ... correct?
Regardless, this may be possible where the additional routers are showing up and logging into that network may be the reason that they are showing up in your Mac's Keychain.
...and guess it's not harmful to remove any suspect keychain
Yes, and no. I do not recommend just deleting items from the Keychain. It would be better to first make a backup of the Keychain, and then, create a new one if you suspect it has been corrupted.
The login Keychains are located at: ~/Library/Keychains/login.keychains Note: This file is automatically backed up with Time Machine and, if you enabled it, to iCloud as well.
Creating a new Keychain is a relatively easy process:
In Keychain there are 19 Airport program passwords connected to unknown account.
Passwords, related to an AirPort base station, would be found either as an AirPort base station password or AirPort Disk password under Kind in the Keychain. Are these "19 AirPort program passwords" in either of these categories?
I can check out all passwords of these accounts.
If you are able to determine what the actual passwords are, then somehow these Keychain items were saved under your user account.
Does this indicate that my network is not secure?
Potentially, anything is possible. How do you currently secure your network? What networking hardware (modem, router, smart switches, etc.) does it consist of?
Hi Tesserax,
Thanks for your reply. I'm checking out the dutch version so hopefully we'll refer to the same items in our conversation :-).
It looks even worse: when filtering on 'Airport' I count 58 items. In the Keychain Acces I behold four columns: Name, Kind, Date of editing and Keychain. Under Name I see a lot of possible suspect modems / routers such as in the given example, I recognize a couple of those devices as mine, such as my iPhone and an older network.
Under Kind the lists shows: 'AirPort base station password' and 'AirPort Disk password' which are related to my airport, both in the keychain 'Login'. The rest of the list is found either as 'Program Password' or 'Airport-network Password'. None of them are listed as AirPort base station password' or 'AirPort Disk password'. On august 5, there are 19 items within a few seconds apart.
The date of editing shows a variety from 2011 to december first, 2018.
Under Keychain it shows: System, Login, iCloud.
Unfortunately, I haven't got a clue where to look for the information about modem, router, switches, etc. Can you please inform me where to look for these data?
The network is wireless, secured by WPA2-personal.
Kind regards.
Hi Tesserax,
Thanks for your clarifying answers, I'm getting reassured already. Especially by your explanation toward the remaining passwords of former routers. But indeed, I should pay more attention to changing my wireless network password on a more regular base.
It's a home network, once in a while I connect to a government network.
I'm using macOS High Sierra 10.13.6, the Mac is late 2009, the modem is Mediabox XL, there's a wifi booster in a socket (both delivered by the internet host), the smart switches (the way to synchronize devices(?) works iTunes or iCloud, with the exception of one Windows 10 laptop and a Play station, every device is an Apple. I use an Epson XP-205, everything is wireless, including mouse, trackpad and keyboard.
Thanks for your link, I've started reading and guess it's not harmful to remove any suspect keychain
Kind regards.
Hi Tesserax,
The government network uses a a HDX connection. I don't make any physical contact on location.
I've removed some keychains without problems so far.
Thank you sincerely for all your help, you showed the way.
Kind regards.
You're very welcome!
Unknown accounts in keychain
