How to automatically load passwords into browser/MacOS/iOS keychain

1

1

I am trying to figure out a shared family password scenario (for things like Amazon, Netflix, etc.). Basically, 1 password for each service that we can all use. However, to maximize security as well, I'm thinking about doing some sort of ejson thingy (still have more to learn there). Basically, a bunch of passwords in an encrypted JSON file that can be shared.

So then someone downloads the JSON file, decrypts it with their computer on the Mac. I know how to do that much. I don't know how you would securely do this on the iPhone. That's part of the question.

What I imagine is something like this. You decrypt the ejson passwords. You then somehow load them into your Mac keychain from the command line (or perhaps some Swift library). Likewise, you plug in your iPhone to your Mac, and can somehow inject the keychain info into the iPhone. Now it's simple, when you go to Netflix, the browser (iOS Safari, or Chrome) prompts you with your preexisting password for that service and boom, you don't even have to remember your password, or use a password manager like LastPass. By loading the decrypted ejson file into the keychain, you get everything else for free.

Note: I don't want to use a password manager like LastPass or any others.

What I'm wondering is if (a) something like this is even possible, and (b) roughly the pieces I would need to solve to get this working. I don't need step-by-step instructions on how to get it working, or necessarily commands on the command line (though that would be a helpful start). I basically just need to know the general approach to how I can share passwords like this in this sort of system, and get the browser to autofill them in, without requiring anyone to enter any passwords into Netflix/etc..

Lance Pollard

Posted 2019-07-14T00:46:57.030

Reputation: 125

Tough one as the keychain is not meant for multiple users unless they all have the same AppleID. @Tetsujin has an interesting workaround with a couple of usage caveats. Honestly your best bet is something like 1Password that has specific features for sharing logins and the like. – Steve Chambers – 2019-07-14T13:14:24.527

Answers

1

You could use a shared Note & thereby

  1. stay entirely within the Apple ecosystem.
  2. don't have to build anything yourself ;)

The first time each password is copy/pasted from the Note into the relevant area, each user's keychain would then save it [& re-distribute to all that user's devices if iCloud keychain is switched on]. The Note would then just become a 'text backup', or a way to redistribute any changes.

I just realised you can't specifically lock one Note & then share it. This, I have discovered empirically, means that though you are the only person who can delete it, anyone with access can modify it... usually accidentally.
My workaround for this is simply to share a copy, not your original, so you can copy back over if anyone fumbles it... like my partner does with remarkable frequency ;)

Tetsujin

Posted 2019-07-14T00:46:57.030

Reputation: 22 456

This is definitely a workaround :D Thanks! But this sucks, can we really not do what I'm describing programmatically? – Lance Pollard – 2019-07-14T23:28:39.450

Think about it from Apple's perspective - 'injecting' what are to the OS 'unknowns' into the keychain... not great for security. You can manually import keychains certainly to macOS, idk about iOS, but I think this more manual approach is going to be easier to handle in a regular family situation. – Tetsujin – 2019-07-15T06:37:06.813

Asked: 2019-07-14T00:46:57.030

Viewed: 143 times

Active: 2019-07-14T07:54:20.640