iCloud Keychain explained

Yesterday Apple added a new keychain feature to iCloud for users of OS X Mavericks and iOS 7.0.3. Your Mac and iPhone have always had a keychain, which stores passwords for you so that you don’t have to retype them every time you reconnect to WiFi or check your email. But now iCloud can be used to keep this keychain in sync across all of your devices. iCloud Keychain keeps track of passwords for WiFi, mail, Facebook, LinkedIn, third party apps and more. And it’s not only useful for syncing your passwords across devices. iPhone-only users will find that restoring from backups will be a much more seamless process.

What advantages does it have?

Passwords are retained across device resets or upgrades. When you get a new iPhone or if you decide to set up your software again, one of the most tedious parts of the process is re-entering all of your passwords because Apple and most third party software don’t keep those passwords as part of your iOS device backup. The next time you restore from a backup things should go much more smoothly. This is a great reason to use iCloud Keychain even if you only have an iPhone.

Easier shopping. Your credit card information can be entered automatically in Safari on Mac and iOS. Note that the keychain does not retain your card security code.

More secure passwords. Safari for Mac and iOS now have a password generator built-in, which encourages you to create a different, complex password for each website that you register for. It really is a good idea to have a different password for each website.

Are there disadvantages?

Security (maybe). This is a brand new feature it hasn’t had a chance to be fully vetted yet, though on the surface it appears to be quite secure. It uses the same security as standard iCloud features, with some additional layers of security on top. This is plenty for casual users, but if you are particularly sensitive to the security of your data, you may want to keep an eye out for reviews from security experts. If your data is owned by your employer you may want to ask them for guidance.

If I use a password manager do I still need iCloud Keychain?

There are lots of password management apps out there, and I believe that iCloud Keychain is a good supplement, not a replacement. I will continue to use 1Password. Most password managers are cross-platform and cross-browser. iCloud Keychain is only for Safari and only for Apple computers and devices. 1Password also makes it easy for me to keep track of my security questions. What’s my favorite food? I never know the answer to that question because it depends on whether I was in the mood for pizza or phở the day that I registered for that website. 1Password allows you to share a vault with another person. iCloud Keychain keeps passwords for your apps. iCloud Keychain logs you into WiFi and your system programs like Mail. They both have their advantages and niches, though there is a lot of overlap. If you don’t already have a password manager, iCloud Keychain is a great start and might be sufficient.

How do I manage iCloud Keychain?

On Mac: Applications > Utilities > Keychain Access (or search for Keychain Access using Spotlight). Choose iCloud from the list of keychains in the left column. From there you can edit, modify, and view your keychain entries. UPDATE: Some people are claiming varying levels of success with this. I’ll be performing some of my own tests with this soon.

On iOS: Settings > Safari > Passwords & AutoFill. You can manage website passwords from here, but as far as I can tell there is no way to manage WiFi or app passwords. You’ll have to do that on Mac.

How do I set up iCloud Keychain?

When you first install OS X Mavericks or iOS 7.0.3, you will be prompted to set up your keychain or to join your existing keychain. Just follow the instructions. You can find more specific details including how to set it up manually after you’ve installed the software in Apple’s iCloud Keychain FAQ.

What if I run into problems?

Apple has a fairly thorough troubleshooting document.