2

Every time I turn on a VPN I added manually to Network preferences a password prompt appears

enter image description here

macOS wants to make changes. Enter an administrator's name and password to allow this.

macOS wants to use the "System" keychain.

My account is the administrator (and only) account on my Macbook. I have to enter my username and password to continue and finally the VPN turns on.

This is a pain to have to repeat every single time I want to turn the VPN on.

How can I allow the VPN to just turn on without requiring password input?

Improve this question
6
  • As a VPN accesses the system wide network configuration, it is understandable that you need to use a password. Maybe you can tell us which VPN app you use, then we can do some research with you.
    – DarkDiamond
    Commented Aug 24, 2021 at 9:59
  • @DarkDiamond I added it manually it's not a VPN app. And it's surprising it needs a password since app VPNs I have tested like betternet and windscribe don't.
    – minseong
    Commented Aug 24, 2021 at 10:10
  • That't interesting. I have never tested the built in VPN because it doesn't support the OpenVPN-Protocol which is widely used and much more secure than others, what protocol do you need?
    – DarkDiamond
    Commented Aug 24, 2021 at 10:15
  • @DarkDiamond it's IKEv2 and the server address is azuregateway-*.cloudapp.net
    – minseong
    Commented Aug 24, 2021 at 10:18
  • I'll do a research in my lunch break later. But sounds like a problem that is as old as the protocol itself. My first but dirty solution would be to use a third party VPN Client.
    – DarkDiamond
    Commented Aug 24, 2021 at 11:05

4 Answers 4

Reset to default
2

So I did some research, and the problem seems to occur with multiple VPN clients, third party or not. From what I understood the problem is that by activating the VPN, some settings e.g. the proxy settings are altered, and that is something the average user must not do without granting admin rights to the process. I found out two possible workarounds, but I can not guarantee that these will work.

  1. Try to reset your Keychain. Sometimes it gets messed up by multiple processes accessing it at the same time. Just make sure you have a backup of it. Then after the first start of your VPN connection, there should be a prompt again, but this time there should be the option to always allow access for this process. That should do the trick.
  2. You can manually edit which processes have access to the keychain. I don't have a Mac at hand to show you some screenshots, but if you can find out the name of the process demanding the access to the keychain, you can manually always allow it if the option mentioned in 1. does not show up.

I hope this helps, please give some feedback if it works, this seems to be a known problem without any advice given by Apple themselves. And maybe ask over on Ask Different, there are people with more knowledge of Apple devices than I have.

Some of the more interesting ressources:

Apple discussions: 1 2 3

Other 1 2

Improve this answer
2
  • The process owner seems to be SecurityAgent. I wonder if it's dangerous to give it permanent passwordless access to the keychain.
    – minseong
    Commented Sep 7, 2021 at 9:42
  • It probably isn't but you can never be sure. I know I personally wouldn't, but as fas as privacy goes, I am kind of paranoid.
    – DarkDiamond
    Commented Sep 7, 2021 at 10:27
1

My L2TP-IPSEC VPN connection initially didn't ask for a password on connection. However something happened - a reboot or a software upgrade? and then it started asking for the PPP account password every time, even though I'd already entered it in the VPN configuration.

Changing the secrets to allow access to all applications (as above) made no difference. However I deleted and recreated the VPN configuration, and it stopped prompting me again.

Improve this answer
2
  • 1
    Also had this after an upgrade. Removing and re-adding resolved it. Thank you.
    – Leigh Bicknell
    Commented Aug 18, 2023 at 14:31
  • Happens all the time to me - after a restart/upgrade you have to remove and re-add the VPN to make it save the password. It's really annoying.
    – Rok T.
    Commented May 21 at 8:41
0
  1. Open Keychain Access on your Mac.
  2. Locate your VPN.
  3. Right click on your VPN and select Get Info.
  4. Change it to Allow all applications to access this item

enter image description here

Improve this answer
1
  • tried but didn't work
    – Valerio
    Commented Apr 9, 2023 at 15:53
0

For macOS 13 Ventura and later…

  1. In the Apple menu, select "System Settings…".
  2. Click "VPN" in the left column.
  3. Click the information icon ("") beside the VPN profile for which login credentials are to be saved.

System Settings application window showing steps 2 and 3

  1. Enter the account name and password in the "Account name" and "Password" fields, respectively.
  2. Click the "OK" button.

VPN configuration dialog box showing steps 4 and 5

Repeat the above steps with each VPN profile for which login credentials are to be saved.

PS: I've noticed that many months after saving a VPN password, macOS will begin prompting for the password again. When that happened, I removed my password from the settings, saved them, then added my password again, and saved it a final time. After that, it wouldn't prompt me for the password again. Hopefully that won't happen again after many months.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .