A Couple of Quick Mavericks iCloud Keychain Gotchas 

I’ve been using Mavericks for a couple of days now. I’m sure I’ll have more thoughts about it later (particularly about the multi-monitor support). But, right now, here’s a couple of gotchas that I found when using the new iCloud Keychain.

Turn on the ability to save passwords even when a website requests you not

Both on the desktop, in Safari, and in Mobile Safari on your iOS device, there’s a setting that controls whether or not you can autofill a password with your iCloud Keychain password. Since you probably want to control when you can autofill the password (not the website), you’ll want to override the default.

On the desktop, that’s in Safari’s Preferences, under Passwords. Down the bottom, there’s a little checkbox that says “Allow Autofill even for websites that request passwords not be saved”. Check that box.

Passwords

On your iOS device, go to Settings -> Safari -> Passwords & AutoFill, and turn on “Always Allow”.

Now you’ll never get that error message that you can’t use your saved password.

iCloud Keychain Doesn’t Save the Right Password if You Use PwdHash

I use a Safari Extension called PwdHash (that I actually created, built off of the open-source PwdHash extensions). PwdHash does a nice thing where it generates a new password for you on a site, based off of a password you know. That way, no matter what computer you’re on, or what browser you’re in (assuming you can find a PwdHash extension or bookmarklet), you can login to a site.

It’s pretty handy.

However, the way the Safari extension works (and this may be my fault), it picks up the password I typed in (my “master” password) and not the resulting hashed password after the extension runs.

…which means it ends up syncing the wrong password. That’s very possibly my fault, but could also be just a mechanism of how Safari/iCloud Keychain decides what to sync. It does mean that I need to be careful when saving passwords[1].


  1. However, as I go around creating new passwords, Safari’s new “suggested password” feature may make my need for the PwdHash extension moot.

     ↩