Tutorial: Resolving Keychain Issues
If you can't access your keychain, or forget your password If you can't get into your keychain file because you've forgotten your password or the keychain file appears to be corrupt, there are a couple of options.
First, if you've forgotten your password, you can use the "Keychain First Aid" utility to make the keychain password the same as the login password. This can be accomplished via the following process:
1. Open Keychain Access (located in Applications/Utilities)
2. Go to the "Keychain Access" menu and select "Preferences"
3. Click the "First Aid" tab
4. Make sure the "Synchronize login keychain password" box is checked
5. Close the Preferences window
6. Go to the "Keychain Access" menu and select "Keychain First Aid"
7. Enter your username and password
8. Click the "Repair" button
The second option is to completely delete your keychain then recreate it. This routine is useful if your keychain appears to be corrupt or otherwise inaccessible. This can be accomplished as follows:
1. Launch Keychain Access (located in Applications/Utilities)
2. Click "Show Keychains" in the lower-left corner of the window.
3. Select the problematic keychain from the left-hand pane.
4. Navigate to the "File" menu and select "Delete Keychain '(name of keychain)'"
5. Check all options for deletion and press "OK"
6. Create a new keychain by going to the "File" menu, then "New" and selecting
"New Keychain"
7. You can now make this keychain your default if you desire by selecting it, then
going to the "File" menu and selecting "Make '(name of keychain)' Default"
Login as root and perform repair In some cases, problems with keychains can only be resolved when logged in as the root user.
First, you want to enable the root user:
1. OS X Mountain Lion: Enable and disable the root user
2. OS X Lion: Enable and disable the root user
3. Mac OS X 10.6: Enabling the root user
4. Enabling and using the "root" user in Mac OS X
After enabling the root user, and logging in under this account, again open Keychain Access. First attempt repairs using Keychain First Aid, and failing that, delete then recreate the keychain as described above while logged in as root.
Persistently asked for stored passwords If you are persistently asked for passwords in various applications that you have specified should be remembered in a keychain, your "login" keychain may not be active for one reason or another.
Navigate to ~/Library/Keychains/ (this is the Library folder inside your user's home folder). Find the file named "login.keychain" and double-click it.
Failing that, select the "login" keychain within the Keychain Access application and make sure it is the default keychain by going to the "File" menu and selecting "Make 'Login' Default"
Turn off Keychain synchronization in applications having problems If specific applications are experiencing issues when accessing password-protected material, the Keychain may be to blame.
The above comes from an article published on MacFixit.com.
The following is fairly old, but may still work
Symptom: After applying an update or some kind of instance where a shutdown occurred, upon rebooting, Mac OS X will demand a password for System.keychain. No password will ever work, not even root.
NOW FOR THE SOLUTION...
WARNING: This assumes that you are competent with the command line AND you have a working copy of OS X somewhere else nearby, preferably on an external disk partition. I'm not going to explain the basics of using the Terminal or how to access both of your systems at the same time. If you are afraid of screwing up, simply reinstall Mac OS X and say a few prayers that it will fix itself (assuming that another Software Update won't mess it up again).
The problem lies with a file deep in the bowels of OS X. It's /var/db/SystemKey. What it does is that it tells Mac OS X how to unlock the system keychain. It only knows the System.keychain specific to the computer, so if you import another System.keychain as a replacement, SystemKey won't know how to unlock it and you'll keep getting the annoying dialogs prompting for System.keychain's password.
So without further ado, this is how to stop the annoying dialogs once and for all:
1. AS THE ROOT USER, you will need to copy over /var/db/SystemKey from a known good system to your problematic system. Make sure that you preserve the permissions (0400). It is advisable that you are NOT booted from your problematic system.
2. If you have a good System.keychain, copy that over to /Library/Keychains on the problem system. If you accidentally deleted System.keychain, you can execute the following (again AS ROOT):
/usr/sbin/systemkeychain -C -f
This creates a new, working, empty System.keychain and effectively overwrites the old keychain.
3. Reboot to your system. You will be presented with different, more familiar (Change, Change All) dialogs. If you had any passwords saved in your list of preferred networks, just put them back in.
