You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Website passwords in keychains deleted after Catalina update

After upgrading to Catalina, the website passwords -- but not app passwords, secure notes, certs, or keys -- were deleted from all keychains in `~/Library/Keychains`. Keychains stored elsewhere were not affected.


I use different keychain files for different purposes (personal, work, etc.). Many but not all of these are stored in `~/Library/Keychains`. I can see in the filesystem modification time that all the keychains in there were updated as of the time I upgraded to Catalina although many of these keychains haven't been unlocked in months. It seems there must have been some process as part of the upgrade that deleted things.


I ran the unix utility `strings` on the keychains which usually can reveal the names of items in a keychain database file. Unfortunately, it looks like the passwords in question have been completely deleted.


Notes:

  • MacOS Catalina 10.15
  • MacBook Pro (Retina, Mid 2012)
  • Safari Version 13.0.2
  • iCloud *not* used to sync the keychain


Possibly related: https://discussions.apple.com/thread/250700942

MacBook Pro

Posted on Oct 9, 2019 4:08 PM

Reply

Similar questions

17 replies

Dec 21, 2019 7:50 AM in response to davidfischer

The problem is not fixed. It took a while after upgrading but the problem manifested itself again by deleting a number of Internet Password entries.


One possibly related note is that I also constantly get popup notifications like "Reminders wants to use the <name> keychain." (mentioned https://discussions.apple.com/thread/250848128). These notifications can't be dismissed as hitting Cancel just pops it up again.

Jan 14, 2020 1:31 AM in response to davidfischer

I have the same issue here under Catalina 10.15.2: https://discussions.apple.com/thread/250948138

I called Apple Support without success, the problem is not fixed


PAY ATTENTION APPLE : Erasing secure and protected data by an unauthorized application is a very serious problem. This is more than a security breach, it is a system attack that erases sensitive user data in violation of data protection laws.


Oct 11, 2019 10:39 AM in response to davidfischer

Just to give a small update, I was able to recover all the individual entries for all my keychains from backups.


While restoring, I did find some (~50%, not all) "internet password" entries missing from a keychain stored outside of `~/Library/Keychains`. This particular keychain is mounted from an external drive and may have been in an older format. It had a `.keychain` file extension instead of `.keychain-db`. The keychains in `~/Library/Keychains` all had the newer file extension `.keychain-db`. Regardless, I'm really glad I had good backups.


It is also conceivable that this issue was caused by the Safari update rather than the Catalina update. I took them at the same time.

Oct 23, 2019 1:10 PM in response to davidfischer

I finally called Apple Support and got a resolution to this. It took a while but it did fix the problem.

The fix involved going into Time Machine and replacing files from the the Library/keychains in the updated Catalina OS with the older file. It also involved going into iCloud and logging out of my Mac and iPhon, deleting them and then re- adding them. Not something I would suggest for someone to do without the help of a Apple Support person.

Oct 26, 2019 5:25 PM in response to davidfischer

It gets worse... Catalina will delete the web passwords from your keychain more than once. It happened to me on the initial upgrade, and it continues to happen when I reboot, wake from sleep, and sometimes just idling. It will purge any Internet keychain entry on a regular basis.


The problem affects one file: ~/Library/Keychains/login.keychain-db. This is where the passwords are being wiped out. If you do not keep a backup of this file on disc or in the cloud, then there is no recovery and Catalina will regularly continue to delete your Internet passwords.


A temporary fix is to make a copy of this file every time you update it, for use as a replacement the next time you lose your passwords. It is also entirely possible that enabling iCloud keychains will make this problem go away. I do not put my passwords in the cloud so I have not tested this. Catalina just might assume everyone wants to use iCloud.


Possible causes that come to mind:

• Catalina just doesn't like Internet passwords in the keychain - there's not even an Internet category filter anymore

• Safari, where I have no passwords stored, is thinking that's the correct state so passwords in the keychain need to be removed

• iCloud, where I have no passwords stored, is thinking that's the correct state so passwords in the keychain need to be removed, and it's ignoring the fact that I do not have iCloud keychains enabled and editing the database anyway


Keychain Access used to have a First Aid option to repair its data. Anyone know what happened to that feature? May not be relevant since they changed storage formats from .keychain to .keychain-db.


Apple support pretty much just told me you need to restore from a backup or use iCloud. I won't get into the incompatibility between Catalina and Mojave when it comes to Time Machine... But they did acknowledge that the developers need to look at this at least. Apple, I hope you can find the solution! Keychain has worked amazingly well for me for years, I'd rather it continued to work than switch to a third party. Without being forced to use iCloud, please.

Nov 8, 2019 1:30 PM in response to TeknoJKD

I just wanted to confirm that this bug is still present in 10.15.1 (19B88).



TeknoJKD wrote:

It gets worse... Catalina will delete the web passwords from your keychain more than once. It happened to me on the initial upgrade, and it continues to happen when I reboot, wake from sleep, and sometimes just idling. It will purge any Internet keychain entry on a regular basis.

I experienced this as well for the first time after upgrading to 10.15.1. Immediately after the upgrade, I checked my keychains and all the passwords were still there. However, the next day -- I haven't rebooted since the upgrade -- the passwords were deleted and required being restored.

Nov 10, 2019 1:02 PM in response to davidfischer

Good to know. Was hoping for 10.15.1, but now maybe 10.15.2 coming up...?


I just ran a test (now in 10.15.1 as well) to maybe help determine if it's iCloud pushing a wipe to macOS and the keychain. Verified that my keychain contained Internet passwords, and then disconnected from the Internet. Was going to leave it offline all day, expecting the passwords to remain intact until going back online... Incorrect assumption! It took less than two minutes after unplugging for the passwords to vanish from the keychain again.


UX 101: When performing a destructive operation you ask for confirmation, especially if it's critical data, and/or where retrieval is not simple. Variations of this core concept have appeared in the Apple Human Interface Guidelines since the 1990's... At the very least we need to be warned when this is going to happen, and be given an opportunity to decline the operation. At best, this behavior will just stop, and hopefully soon. I will be reporting this bug every version change to Catalina until it is fixed.

Dec 13, 2019 1:12 PM in response to davidfischer

Catalina 10.15.2 is still broken, website passwords are being deleted without warning.


You'd think this would be a high priority - losing bank account passwords, tax systems, health care, is the kind of thing that could end up in a class action lawsuit. Or so I would be thinking were I a product manager anyway. Assuming of course, that this got escalated at some point beyond intro tech support.

Dec 19, 2019 2:33 PM in response to TeknoJKD

I just took the 10.15.2 (19C57) upgrade last night. While only time will tell for sure, I didn't have to restore my keychains after the upgrade and I haven't yet had the problem so far today. There wasn't anything in the release notes about fixing this so it may just be coincidence but I had to restore my keychain immediately after the 10.15.1 and 10.15(.0) releases.


I'll keep the thread updated.

Feb 1, 2020 1:55 AM in response to moi160

Catalina 10.15.3 has just been released but does not fix the bug.


Despite many discussions on the forums dealing with this problem, Apple remains deaf.

I contacted Apple support and opened a complaint file;

I contacted Apple product security and provided the information;

I contacted Apple Feedback assistant and opened a comment;

What else can i do?


I have received no response from Apple, not even information that the problem is under investigation. It is serious, very serious, not to be able to guarantee the security of personal data and worse to seem to ignore it!

APPLE DO YOU HEAR THIS?

Website passwords in keychains deleted after Catalina update

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.