Q: Keychain - how do I understand what I can remove?

I have a piece of software that's a list of items requiring a password. It's simple, easy to use, and isn't Keychain.

In the case of Keychain, I appear to have four different "keychains" and under each keychain there are six different categories. Some of these have many dozens of items under then, some with helpful names like "ids: message-protection key." Not a single thing anywhere in all this material was knowingly created by me.

If Keychain was exclusively "a list of items that required passwords" then yes, I would understand that that was what it was. Even then, I would need to understand (a) what all the other stuff is, and (b) how it got there, and (c) whether I can delete it, and (d) whether this would make the plague of pop up "Allow / Deny" requests to go away.

This is an addition to the original query...

Getting urgent... after weeks of occasional problems with annoying Keychain "Accept / Deny" pop ups, I now have a much more serious Keychain development.

I am getting pop-ups that say (one example): CalendarAgent wants to use the "login" keychain. Please enter the keychain password.

BUT...

The ONLY options are (1) to enter "the password" - whatever that might be: to repeat, I have NEVER knowingly used Keychain, so I have no idea what password it wants, never mind what accepting this would in fact mean, or (2) to hit Cancel. But hitting cancel simply brings the pop-up back - again and again and again. I cannot remove it from my screen, at all - it's sitting there right now in a corner.

HELP! I guess the next step is a cold reboot. But Keychain, which I never wanted, don't use, and has managed to collect reams of data despite my not using it, is now seriously interfereing with my ability to use my machine.

HELP. And thank you.

So it turns out - I should have thought to just try this - that the pws for Keychain were all my user account pws. How this all got locked, who knows, but I was able to unlock (by re-entering that pw several times for different keychains (? or different somethings) and now the pop-ups-from-**** have gone. Thank you!

However, in "unlocking" all this I still have NO understanding of exactly what I have unlocked, or what the implications of this are. It's scary to dsicover that a piece of software I don't understand has (apparently) been recording all sorts of stuff that I don't (as far as I can see) want it to record. Looks as if all the password items are "not saved," which is good. But what's a system root? What's a certificate? What are keys? What's the difference between a login item and a local item? Please understand, I really don't want to know the answer to these questions - I just want to know that I can set Keychain to be safe, invisible, and not doing anything I don't want it to be doing  - preferably without taking a computer science class.

Any help much appreciated.

OK, this is helpful, thanks. BUT...

There are many dozens of items in there. Most say "(password not saved)" but some don't. Can I jut delete them? Can I just delete or clear the whole login keychain? I still don't know why it's trying to save stuff, and I really don't want it to. If someone's first idea on trying to hack my machine is to look at Keychain, and I don't use Keychain, it just seems silly to have my pws lying around in there, however secure it's supposed to be.

Appreciate the help anyway!

I'm really still hoping for an answert to my original question:

I have heard it's not possible to unistall Keychain. Is there a way to "wipe" it safely and then make sure it never bothers me again? Or is there stuff in it that, despite never actively using it, I have to keep?

This thread is getting long, but alas I'm still no clearer on this. And it's interesting to discover just how many discussion threads are out there in which Mac users beg for this information... but can't get it.

It sounds (as ever I'm guessing, I'm not sure) as if one really does need Keychain to keep track of certificates, but that people who use Keypass, Dashlane etc do not need it to be storing passwords. But working out how to get Keychain to not store them AND not ask whether to store them, and in addition to delete only ones it has stored and not other things that may not be passwords (because many of the entries, even under the password list, are not recognizable) seems amazingly hard!

What's striking, across the dozens of threads I've looked at: experienced Mac users who are comfortable using Keychain are deeply (often angrily!) impatient with any desire not to use it, and seem to think those of us who want not to use it are idiots, as if (a) Keychain is clearly a safe and superior product and (b) comprehension of Keychain is installed in normal people at birth. BUT it's a product that obviosuly causes huge confusion and aggravation to many users - not surprising, given a user interface that looks like a nightmare about Redmond in the 1990s - who need a clear explanation of what it does and doesn't do, or what functions are or are not duplicated or superceded by other more recent products.

The bottom line: with all due respect to Mac, it's just not rational for a user to entrust passwords to "security" products the functioning of which they don't understand clearly. But worse still is to have a system on your machine which is doing this without your having ever intentionally set it up to do so, and which you cannot now (see above) work out how to tell not to do so... 

Still feeling stuck - any other ideas on how to master this would be gratefully received - by many people, from what I've read!