This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Importing OSX keychain
I feel really stupid asking this because I'm sure it has a simple answer, but I can't find it. How to I import logins from the OSX login keychain into 1Password? I know I did this when I set up my own 1Password a couple of years ago, and I though it was almost automatic. But now I've finally convinced my wife to switch to 1Password, and when I try to set it up on her iMac I don't see any way to import her keychain passwords.
Ralph
Ralph
Flag
0
Comments
-
Thanks, that did it. It might be worthwhile noting that in the docs somewhere as a way to transfer the login keychain. If it's there, I didn't come across it.
One more thing. On my computer, 1Password show the number of items in each of the categories in the list on the left -- logins, accounts, folders, etc. In the 1Password I just installed on my wife's computer, the numbers don't show up. I do see any preference for that in the preferences. How do I get the numbers to appear?
RalphFlag 0 -
[quote name='rstrauch']Thanks, that did it. It might be worthwhile noting that in the docs somewhere as a way to transfer the login keychain. If it's there, I didn't come across it.[/QUOTE]
I'm glad that you got your browser login information imported into 1Password okay.
[QUOTE]One more thing. On my computer, 1Password show the number of items in each of the categories in the list on the left -- logins, accounts, folders, etc. In the 1Password I just installed on my wife's computer, the numbers don't show up. I do see any preference for that in the preferences. How do I get the numbers to appear?[/QUOTE]
Because users quite often like to quickly "flip" this setting we "hid" this as a menu option, not as a Preference. :) Please choose the View -> Show Item Counts menu option. Everything that you current see in the View menu can be thought of as Preferences that will stay around until changed.Flag 0 -
I'm just about to carry out this import (OS X, 10.6.6, Apple keychain > 1Password 3.5.7).
So far tests have one odd aspect: the length of time to do it.
Should I get the 'Please wait while passwords are imported from the browser' message for several minutes?Flag 0 -
Hi Mark, I assume you’re the same Mark that I’d been talking to via email?
If not, please do contact us at [email="support@agile.ws"]support@agile.ws[/email] for us to figure out what’s going on with your import issue. Add a link to this thread in the email, so that we can connect the dots.
Thanks!Flag 0 -
[quote name='Mark Sealey' timestamp='1297891480' post='20742']
Should I get the 'Please wait while passwords are imported from the browser' message for several minutes?[/quote]
I'd also like to know the answer to that since I get the same result attempting a Mac OS X Keychain import, while the 1P (3.5.7, OS X 10.6.6) process remains relatively idle. Seems to get stuck before reading any keychain data.
The Login keychain is unlocked and Safari is currently disabled under Preferences > Browsers, if that matters.Flag 0 -
[quote name='MikeT' timestamp='1297989799' post='20827']
Enable the extension for Safari, it’ll then work with the import for the OS X keychain.[/quote]
Thanks, Mike. I'll give that a try… eventually. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />Flag 0 -
I'm sorry for the grave digging, but this thread does not answer one very important aspect of importing keychains.
What about Application Passwords (generic) ?
I've been a 1PW user long enough that 1PW already handles all web passwords for me, so importing old ones from Keychain is absolutely of no interest.
I do however have a lot of application passwords that I would like to be able to import into 1PW.
The import feature doesn't allow this.
Any secret tricks like simultaneously pressing ⌘⌥secrt while wearing a polka-dot bikini and dance the rumba ?Flag 0 -
I'm sorry to say, you can put your polka-dot bikini back in the closet for a few more months. At this time there is not a way to import OS X keychain data from other applications besides Safari, Google Chrome, and Camino. Since it all has to be imported [b]per application[/b] (not per data type), this quickly becomes unscalable since each password you wish to import is likely for a different application. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_worried.png' class='bbc_emoticon' alt=':S' />
I'm sorry I don't have a better answer for you right now, but I hope that clarifies the situation a bit.
Now, are you ready to rumba?!Flag 0 -
[quote name='khad' timestamp='1300531165' post='22721']
this quickly becomes unscalable since each password you wish to import is likely for a different application. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_worried.png' class='bbc_emoticon' alt=':S' />
[/quote]
Then... a design idea:
The application "security" can read and decrypt the keychain on a storage type basis or whole keychains (dump) with decryption, with raw data or without sensitive information ( security dump -r bla.keychain >raw.txt , security dump -d bla.keychain > decrypted.txt, security dump bla.keychain > safe_data_only.txt)
Now, since security can do all of this, it isn't unlikely that the framwork for doing this already exists.
Let's see...
defiant:~ thor$ which security
/usr/bin/security
defiant:~ thor$ otool -L /usr/bin/security
/usr/bin/security:
/System/Library/Frameworks/Security.framework/Versions/A/Security (compatibility version 1.0.0, current version 37594.0.0)
/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation (compatibility version 150.0.0, current version 550.42.0)
/usr/lib/libstdc++.6.dylib (compatibility version 7.0.0, current version 7.9.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 125.2.1)
defiant:~ thor$
There's something interesting: /System/Library/Frameworks/Security.framework/Versions/A/Security
Let's check.. ls -l /System/Library/Frameworks/Security.framework/Versions/A/Headers
total 1768
-rw-r--r-- 1 root wheel 7937 20 jan 2010 AuthSession.h
-rw-r--r-- 1 root wheel 22229 20 jan 2010 Authorization.h
.
.
-rw-r--r-- 1 root wheel 3184 20 jan 2010 oidscrl.h
-rw-r--r-- 1 root wheel 7575 20 jan 2010 x509defs.h
Soo... the security framework is there, I bet 1Password already uses most of it.
So reading in a keychain of the users choice into a linked list of keychain items, allow the user to select the items to import, and then do the full decryption on the rest and store then in the 1PW keychains. That might be just what you'd want to do...
See... I may not be exceptionally smart - I may even not be just smart. But I really am clever enought to understand that the "Sex via proxy" idea you are using to import web passwords - It really is exactly as good as "sex via proxy".
I.e. it get you _an_ end-result, but probably not _the_ end result you intended in the beginning.
I'd rather recommend direct manipulation. You'll be more likely to get what you want, and you are much more flexible to upcoming changes.Flag 0 -
Thanks for the great information, WhiteFang!
I'm not a developer myself, just one of the humble customer care team, but I'll certainly pass this along to our development gods to see if it is something we could use to improve our OS X Keychain import functionality. Of course I can't promise if or when we'll be able to to do this, but we have a 'never say never' attitude here at Agile <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />
Thanks again,Flag 0