Lock Keychain Access

New Contributor II

What is the best way to lock keychain access on mac os devices? I do not want users poking around in there. I basically want the lock in the upper left hand corner to be locked.


Legendary Contributor III

Can I ask why? Keychain Access, or at least the user's login keychain, is intended to be used by users, not locked. Locking it is only going to really mess up your user's experience. Even if there was a way to do this, which I have a feeling there isn't, the OS isn't going to play nice with this and will nag your users incessantly about not being able to access items in their keychain. macOS just wasn't designed with the idea in mind of denying users access to their own login.keychain.

If you're concerned about the System keychain being messed with, non admin users aren't able to unlock it. When you try to unlock it, it asks for an admin account name/password to do so. As long as your users are standard accounts, they shouldn't be able to mess with the System keychain.

Contributor III

I have seen posts where people put and app restriction on it so it can't be opened if that's what you're looking for. I believe it still retains functionality.