No. of Recommendations: 1
You can test your keychain theory by logging in under a different user account on your work Mac.

Excellent idea, Steven, thanks. Here's what I tried:

Since my existing accounts tend to have well-populated keychains, I created a temp account without access to iCloud. Upon logging in, I opened Keychain Access to watch how the keychain changed.

At first, there's only an "Apple Persistent State Encryption" application password.

Once I started iCloud, but without BTMM, I got an iCloud application password (with access allowed to InternetAccounts, iCloudAccounts, MobileMe Application Group, and, an AppleID Authentication application password (access for AppleIDAuthAgent), an AppleID public key (access for all applications), and an AppleID private key .

Then I activated BTMM in System Preferences. No change to the Keychain

So, time to go BTMM via screen sharing. I try to log in and get the dialog box asking for my username and password. I enter it, boom, I'm in. I log out and try again, this time saving my password to my keychain. Back in, keychain now has a network password to my mini at home. No change in access control to other keychain items. Logging out and logging back in gives me access without having to enter my username and password. I delete the network password from the keychain and try BTMM again, and this time, as expected, I need the password.

I deleted the account and then realized I hadn't tried everything, so I repeat most of the above, including recreating the account from scratch. Then, having automatic login via the username and password saved to my keychain, I delete the network password from the keychain and try to log in via my Apple ID.

However, before I can try to log in via Apple ID on the dialog box, I get logged in automatically. I reexamined the keychain, and there are two certificates there -- Apple Application Integration Certification Authority and of gibberish). Where did those come from? When did they pop up?

Delete the account once again and start over, to see when the certificates show up. Log in, log out, delete network password, etc. Got to the point of trying to log in via Apple ID, and the dialog box says it won't work, please try again with different credentials.

I go away, come back, and those certificates have appeared again, with no intervention on my part. I try to screen share (or log-in) via BTMM, and I log in automatically again, without the dialog box. I delete the certificates -- why didn't I delete just one at a time? -- and the username and password dialog box shows up again.

So, it seems that one or both of these certificates are used by Screen Sharing to bypass the username and password dialog box and log into my other Mac via BTMM. Googling and searching on Apple's community groups shows they're a focus of some BTMM problems, so it's an avenue for me to pursue. My immediate goal is to find out if it's safe to delete them, e.g. do other applications need them for some reason.

I'll save that for later though. As you can guess, I took a lot of notes to trace this issue, and I ended up entering my admin username and password -- the really long, complicated one I mentioned to Gordon -- what felt like a zillion times.

Print the post  


What was Your Dumbest Investment?
Share it with us -- and learn from others' stories of flubs.
When Life Gives You Lemons
We all have had hardships and made poor decisions. The important thing is how we respond and grow. Read the story of a Fool who started from nothing, and looks to gain everything.
Community Home
Speak Your Mind, Start Your Blog, Rate Your Stocks

Community Team Fools - who are those TMF's?
Contact Us
Contact Customer Service and other Fool departments here.
Work for Fools?
Winner of the Washingtonian great places to work, and Glassdoor #1 Company to Work For 2015! Have access to all of TMF's online and email products for FREE, and be paid for your contributions to TMF! Click the link and start your Fool career.