When using applications on a Mac, chances are they simply start up and work without issue. Part of this seamless operation is your Mac tracking sign-in credentials for all of your apps and services so you don’t have to login each time.
This is the Mac’s Keychain Access app working in the background, which is where passwords are kept. The accountsd Mac framework is how apps access the keychain; when you receive the notification “accountsd wants to use the local items keychain,” the app needs to access keychain to verify credentials.
We’ll tell you what Mac keychain and accountsd are, why a native app like Safari wants to use the login keychain when there’s an accountsd iCloud keychain, and why acountsd wants to use the local items stored in keychain access.
What is keychain?
Keychain Access is a native macOS app which houses passwords and other account details. It helps reduce the number of usernames and passwords you have to enter when using apps on a Mac. It also works for cloud-based and web services. Servers, email accounts, websites, and other items may prompt you to save your password for future use.
By design, keychain access on your Mac is difficult to find, and even less user friendly. It’s a system level application, holding sensitive information that often should not be deleted or altered in any way. Errantly removing credentials can cause serious usability issues for apps, so tread lightly.
What is accountsd
The accountsd framework also goes by another name you may be more familiar with: iCloud keychain.
Accountsd provides apps and services access to the appropriate usernames and passwords for those apps. Microsoft’s suite of apps, like Word and Excel, each have one or more keys in keychain access. If you were to login to these apps on your Mac – then the iPad – iCloud keychain (or accountsd) would sync that data across devices to make the sign-in process smoother.
From time to time, you may see a popup notification that accountsd needs access to the keychain. Don’t worry; nothing is wrong!
Why does this message appear on your Mac?
Plainly put, your keychain is not synced with the app or service you’re using. Apps may still open, but you may receive a prompt that accountsd needs access to the keychain for things to operate further.
When you first login to an app on your Mac, it saves those credentials in keychain access, and accountsd is used to access the necessary information. Each time you open an app, it attempts to verify your credentials through accountsd. When it can’t, it continues to prompt you to allow access to keychain so it knows to trust you.
How to Fix "Accountsd Wants to Use the Login Keychain"
Now that we know what keychain and accountsd are, and how they work together, let’s address the core issue: that pesky popup notification!
Here are a few steps to remedy the issue:
Turn Keychain Auto-Lock OFF
Though accountsd and iCloud Keychain are interchangeable, there may be some passwords that are still saved locally instead of in the cloud. And that local vault may be locked. Here’s how to fix it:
- Open Keychain Access on your Mac
- Right click the “login” module on the right side of the app window
- Select “Change Settings for Keychain “login”” from the drop down menu
- In the new window, uncheck the “Lock after” and “Lock when sleeping” options
- Select “Save”
This is the most common fix for the accountsd popup. If this doesn’t work, there are a few other solutions that may work for you.
Create New Keychain
This may seem a bit drastic, but remember you’re not altering the old keychain. Mac keeps the older version of keychain handy, so this won’t break anything. Instead, it creates a copy of the vault, which you’ll rename.
- Open Finder on your Mac
- From the menu bar, select “Go”
- Select “Go to folder” from the drop down menu
Type this destination into the text entry field under “Go to the folder”: ~/Library/Keychains
- Select “Go”
- Select the folder “Keychains”
- Holding down the Option key, drag the folder onto your desktop
- Right click or click and hold the name of the folder copied to your desktop
- Rename the folder
Passwords should always be secure, never duplicated, and hosted safely. Keychain access is a great storage container for passwords, but the best method for securing accounts is to use time-based one time passwords (TOTP) as a two-factor authorization method. And the best Mac app for this purpose is Step Two.
Step Two allows you to manually add your own credentials, or use an app’s QR code to automatically add usernames and passwords to the Step Two vault. Apps that ask for TOTP verification weave through Step Two, which creates a temporary password you can use to access apps.
It has an iOS counterpart, and all credentials can be synced in iCloud for a seamless desktop and mobile experience.
Use Keychain First Aid
Macs using macOS Catalina or older can run Keychain First Aid, which takes a hard look at your credentials to identify issues for specific apps or services. Here’s how to do it:
- Open the Keychain Access app on your Mac
- From the menu bar, select “Keychain Access”
- Select “Keychain First Aid” from the drop down menu
- Enter the username and password for the app you’re having issues accessing
- Make sure “Verify” is selected, and select “Start”
With macOS Big Sur, Apple removed the First Aid option. This is likely because credentials are stored in iCloud by default, and allowing diagnostic access to a web property may be a security issue. In its beta stages, some users reported issues with Big Sur’s keychain access which has since been remedied.
A move to iCloud also allows Apple to monitor your usernames and passwords, then compare them to known hacks. If you were using the same username/email and password for multiple sites, and one had a breach, Big Sur will warn you the credentials were compromised, and advise you to change them immediately. It’s as if Apple is doing First Aid for you, now!
Reset Local Keychain
Local keychain access may be the real culprit, so here’s how to reset it:
- Open the Keychain Access app on your Mac
- From the menu bar, select “Keychain Access”
- Select “Preferences” from the drop down menu
- Select “Reset My Default Keychains”
- Enter a new, secure keychain password
- Select “OK”
- Log out of your Mac, then back in to fully reset local keychain access
Remove iCloud Keychain
It’s also possible your iCloud keychain is not synced properly. Here’s how to remove (and re-add) it from your Mac:
- Select the Apple logo on your Mac’s menu bar
- Choose “System Preferences” from the drop down menu
- Select “Apple ID” at the top right of the new window
- Scroll down to find “Keychain” and deselect it
- Restart your Mac
When you’re ready, simply select Keychain in your Apple ID menu to add all your login items back to your Mac.
Pro tip: Store all your passwords in a digital password organizer
Earlier, we said all passwords should be stored in a secure vault. iCloud Keychain is handy, but not the most secure or reliable service. A better alternative is Secrets.
Secrets is a dedicated Mac app that houses all of your usernames, passwords, secure notes, credit card details, banking data, and other personal information. Backed by industry standard PGP protection, Secrets locks all of your sensitive information in a cloud-based vault accessible from any device. Secrets also syncs with Chrome, Firefox, and Safari to automatically fill credentials to websites.
Manage all your application permissions in one place
Issues with accountsd all stems from apps losing permissions to keychain – but how? Honestly, nobody really knows. It could be a setting change, an update, or a billion other issues.
The best way to ensure your apps and services retain the necessary permission required to operate seamlessly is with CleanMyMac X. The app runs thorough scans of your entire Mac, all the way down to application permissions, to keep everything running in tip-top shape. It can delete old files, system junk, update your apps, and a whole lot more.
Fixing disk permissions with CleanMyMac X is simple, too. Here’s how:
- Open CleanMyMac X on your Mac
- Select “Maintenance” from the left side of the app window
- Choose “Repair Disk Permissions”
- Select “Run” at the bottom of the window
Accountsd and keychain access are tricky to manage, and can cause issues with the operation of apps on your Mac when out of sync. We’ve shown you the common fixes for it here, which solve most issues with accountsd.
Still, you should always store your passwords in a secure vault, even if you do use keychain access. This is why Secrets is preferred; it locks everything away in a secure vault where keychain can’t cause issues. Even if keychain access fails you, Secrets won’t.
Step Two is one of the best 2FA apps around, and CleanMyMac X can restore disk permissions to reset an app’s access to keychain. These three apps are the best team for managing passwords, securely logging into apps, and resetting permissions whenever you like.
CleanMyMac X, Step Two, and Secrets are all available for free during a seven day trial of Setapp, the world’s largest suite of productivity apps for your Mac. Nearly 200 other apps are available alongside the three mentioned today, and your free trial allows you full access to the entre suite of apps available on Setapp.
When the trial ends, continuing your use of all the apps in the Setapp catalog is only $9.99 per month – an incredible deal, so why wait? Give Setapp a try today!