Hacker News Viewer

Top 20

Recover Apple Keychain

by speckx on 3/30/2026, 5:21:49 PM

https://arkoinad.com/posts/apple_keychain_recovery.html

Comments

by: nabbed

Based on this description, it sounds like someone walking past your unattended desk and bent on disrupting your day but not stealing your data, could enter in a garbage password into the lock screen a few times and lock you out of your own laptop.<p>I guess the same also works for cloud accounts as well. I remember, back in the mid-2000s, trying to log into my hotmail account (never having failed to log in before) and getting a &quot;locked out due to too many bad passwords&quot;. So someone, only knowing my user account name (which was the same as my email address), locked me out of my own account. The problem was, I couldn&#x27;t remember what my recovery accounts were (I eventually figured it out).

3/30/2026, 8:34:36 PM

by: xd1936

It Just Works™... until you don&#x27;t want to take the default option. I&#x27;m sure your average user would just be SoL if going through this same experience.

3/30/2026, 8:24:41 PM

by: fastaguy88

Apple Keychain has a number of old bugs that have caused me to have to resort to this strategy several times. The most common problem is having a secure note that you can open, but then immediately disappears (closes). Copying over an older keychain database can sometimes solve the problem.

3/30/2026, 9:47:56 PM

by: dpark

Is there really no supported model for this scenario? Surely the point of an iCloud backup is that you can restore from the cloud rather than do a local hack to try to regain access to locked keychain db.<p>What happens if you just set up the device as a new machine and login to your iCloud like normal?

3/30/2026, 8:35:03 PM

by: zapkyeskrill

Good information to have. I was surprised by step 2 though (rm login.keychain-db). How can you be absolutely sure it doesn&#x27;t contain anything important and you won&#x27;t need it later?<p>I&#x27;d probably opt for a more defensive action here and just rename it (like the original reset did).

3/30/2026, 8:29:14 PM

by: bigiain

&gt; Still, I had assumed there might be some kind of master key that would handle this automatically during a password reset.<p>This assumption, by a clearly technical person, is a fundamental problem that keeps &quot;the rest of the world&quot; locked in to centralised services where that is true, and where that master key can be used against them by law enforcement, fascist regimes, and surveillance capitalists.

3/30/2026, 10:30:41 PM