Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Recover Apple Keychain(arkoinad.com)
23 points by speckx 4 hours ago | 6 comments
nabbed 35 minutes ago | parent | next [-]

Based on this description, it sounds like someone walking past your unattended desk and bent on disrupting your day but not stealing your data, could enter in a garbage password into the lock screen a few times and lock you out of your own laptop.

I guess the same also works for cloud accounts as well. I remember, back in the mid-2000s, trying to log into my hotmail account (never having failed to log in before) and getting a "locked out due to too many bad passwords". So someone, only knowing my user account name (which was the same as my email address), locked me out of my own account. The problem was, I couldn't remember what my recovery accounts were (I eventually figured it out).

varispeed 29 minutes ago | parent [-]

Remember entering password to one service I subscribed to. It was Friday evening. I typed it wrong 5 times and my account was locked out with a message to contact customer service. Customer service was open from Monday to Friday 9am to 5pm. So I was unable to use it for a couple of days. It was painful experience. I found an alternative though and on Monday cancelled it.

dpark 34 minutes ago | parent | prev | next [-]

Is there really no supported model for this scenario? Surely the point of an iCloud backup is that you can restore from the cloud rather than do a local hack to try to regain access to locked keychain db.

What happens if you just set up the device as a new machine and login to your iCloud like normal?

vessenes 22 minutes ago | parent [-]

there are some different options depending on settings - apple will encrypt to an internally (apple held) key that your iCloud login will unlock under most circumstances. This can be turned off by consumers, and I would expect by IT departments at well.

zapkyeskrill 40 minutes ago | parent | prev | next [-]

Good information to have. I was surprised by step 2 though (rm login.keychain-db). How can you be absolutely sure it doesn't contain anything important and you won't need it later?

I'd probably opt for a more defensive action here and just rename it (like the original reset did).

xd1936 an hour ago | parent | prev [-]

It Just Works™... until you don't want to take the default option. I'm sure your average user would just be SoL if going through this same experience.