User profile for user: MaiKAimer
MaiKAimer Author
User level: Level 1
4 points

Apple Persistent State Encryption in Keychain

I was looking around in my Keychain Access App in the past few days and I noticed a weird phenomenon that the login item Apple Persistent State Encryption can randomly become unrestricted. Normally, every time I login to my account a new item of Apple Persistent State Encryption is created, with access set to "confirm before allowing access" and default access belongs to "talagent", and it is frequently modified (I guess it's normal system behaviour).


However, sometimes when I leave my M1 Macbook on for days, I notice occasions that the item Apple Persistent State Encryption access suddenly becomes "allow all applications to access this item" and remains such way until my next login. Is this behaviour intended by the system? From my best guess based on its description the password for Apple Persistent State Encryption is pretty confidential and should not be open for access by default. I am also not aware of any popup request asking for Keychain Access throughout my entire usage nor any abnormality. Any chance my Mac is compromised?


I didn't modify anything in Keychain Access and I was just observing what was there.


Any advice would be appreciated.

MacBook Air 13″, macOS 13.1

Posted on Dec 26, 2022 11:14 PM

Reply

Similar questions

3 replies
User profile for user: leroydouglas
leroydouglas
Community+ 2025
User level: Level 10
198,648 points

Dec 27, 2022 4:56 AM in response to MaiKAimer

MaiKAimer wrote:

I basically think the same as you do such that I won't touch anything there. I am just concern about if it's (or if it's not) an inherent security issue, either triggered by internal system bug, or unexpected third party application.

Basically what I wanted to ask was, is it normal that Apple Persistent State Encryption initially was access restricted to "talagent" but suddenly (under whatever scenario) opens unrestricted access to all applications by itself (which was what I observed)?


Normal.





Reply
User profile for user: leroydouglas
leroydouglas
Community+ 2025
User level: Level 10
198,648 points

Dec 27, 2022 4:51 AM in response to MaiKAimer

MaiKAimer wrote:

I was looking around in my Keychain Access App

default access belongs to "talagent", and it is frequently modified (I guess it's normal system behaviour).


I didn't modify anything in Keychain Access and I was just observing what was there.

Any advice would be appreciated.




If you have an associated issue then please explain what is that issue.


If it ain't broke don't fix it....



You can read more from the Get Info pane




macOS - Security - Apple macOS - Security - Apple

Apple Platform Security - Apple Apple Platform Security - Apple Support



If you are determined to drill down on the specifics of the inter-workings of the macOS you can


Call Customer Support (800) MY–APPLE (800–692–7753)

or on line Apple Support



Developer Forums - Apple Community

Reply
User profile for user: MaiKAimer
MaiKAimer Author
User level: Level 1
4 points

Dec 27, 2022 4:54 AM in response to leroydouglas

I basically think the same as you do such that I won't touch anything there. I am just concern about if it's (or if it's not) an inherent security issue, either triggered by internal system bug, or unexpected third party application.


Basically what I wanted to ask was, is it normal that Apple Persistent State Encryption initially was access restricted to "talagent" but suddenly (under whatever scenario) opens unrestricted access to all applications by itself (which was what I observed)?

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Apple Persistent State Encryption in Keychain

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up