Skip to content

How to selectively prevent Safari / Keychain from updating passwords

  • by
Spread the love

Safari 16, macOS Monterey 12.6

I have an interesting problem with Safari and the mechanism it uses when prompting to save a Website’s password.

I use 2FA when logging onto a certain account, for which the standard userid and password are stored in the Keychain. Normally this is accessed with Touch-Id on the Mac. Following that the Website prompts me for my one-time password, generated from my 2FA app. The problem then lies with Safari seeing the OTP field on the page as another password to be stored, and because it is obviously different and single use, sees it as a change for the main credentials for the page, and so prompts me to store the ‘new’ password. Only by diligence and making sure I click ‘No’ when prompted have I been able to avoid inconvenience!

I have been burnt in the past by this behaviour on other websites, where Safari sees a 2FA code sent by SMS as a change, and I must admit I’ve idly clicked through, only to find my error next time I logon, leading to a tedious ‘forgotten your password?’ exchange.

Is there a way to lock change, say in the Keychain Access app? Is it due to the way secure fields on the page are recognised?

Small edit:

I noticed after a secondary search that switching off Autofill will prevent saving in addition to autofill, but I want to allow autofill, but selectively stop saving prompting.

Leave a Reply

Your email address will not be published. Required fields are marked *