• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Books
    • Content Strategy for WordPress (2015)
    • WordPress for Web Developers (2013)
    • Beginning WordPress 3 (2010)
  • Blog
    • Content Modeling for WordPress
    • WordPress Hidden Gems
    • Web Design
  • Work
    • MLIS Class Projects (2019-2022)
    • Portfolio (2002-2019)
    • Services
    • WordPress Plugins
    • WordPress Themes
    • Presentations and Interviews
    • on GitHub →

Stephanie Leary

Writer, WordPress consultant, recent MLIS grad

  • About
    • Press Kit
    • Presentations and Interviews
  • Contact Me

Mac tip: saving passwords for SMB connections without Keychain

April 5, 2013 Stephanie Leary 7 Comments

I work with a lot of Windows servers. This means connecting to a VPN and then mounting a share via Samba (SMB). Alas, Keychain won’t autofill saved passwords for Windows servers where the username is prefixed with a domain, like auth\stephanieleary.

The current best practice for managing lots of these shares is, from what I can tell from hours and hours of Googling and consulting an Apple training rep:

  1. Create an alias once you’re connected to the share.
  2. Disconnect.
  3. Delete any previously saved passwords you have in Keychain for that server.
  4. Reconnect to the alias and have Keychain save THAT password.

But even this does not work reliably. As you can imagine, once you start working with four or five of these things, it becomes challenging to remember the appropriate combination of VPN, server/share, domain\username, and password.

Today, after YEARS of struggling (intermittently) with this, I finally remembered something: you can save usernames in the connection string. And — this I knew — you can save connection strings as favorite servers in the Finder’s Go → Connect to Server window.

UNIX geeks are probably laughing at me right now.

One more quick search confirmed that I can save not only the username, but also that pesky domain prefix and, yes, the password too. Here’s the syntax:

smb://domain;username:password@server/share

(From a tip on the invaluable Mac OS X Hints site.)

This is nowhere near as secure as Keychain, since it makes the password visible to anyone who sits down at the computer and opens up the Connect to Server window. For my purposes, that’s OK — no one else uses my laptop. This just goes on the list of passwords I’ll have to reset if the laptop is ever lost or stolen. And my list of connections wasn’t secure anyway, because I had to save them all in a text file that I could pull up every time I needed to switch servers.

Techy Goodness macs, smb

Reader Interactions

Comments

  1. Lee says

    August 31, 2014 at 9:25 pm

    Thanks for the tip. I’ve been looking for confirmation that this is a “feature” of OS X.

    Reply
  2. Philip Keller says

    January 22, 2016 at 4:33 am

    In fact, I found you can get Keychain to remember the password reliably. In the “best practice” steps that you gave (thank you!), add a step 0, derived from your technique (thanks again!):
    0. “Connect to Server” > smb://domain;username@server/share

    To start with a clean slate, you should probably open Keychain Access and delete the network passwords for the server. (step -1)

    It appears that the alias includes the URL exactly as given when you mounted the volume (look at the contents of an alias file to see). So if you mount the volume with the username, as above, and then create an alias, it’ll contain the right username and will be able to retrieve the password from the Keychain. (Here’s the post that made me think of this.)

    Thanks for your tip. Like you, I’ve been annoyed by this for ages. I just couldn’t figure out why my aliases were working fine on one computer and not on another.

    Reply
    • Stephanie Leary says

      February 8, 2016 at 9:12 am

      Fantastic tip, Philip, and much more secure than saving the passwords in the (relatively open) server list. Thanks!

      Reply
    • channing says

      August 4, 2017 at 4:12 am

      it works! great help!

      Reply
  3. Philip Keller says

    March 9, 2016 at 6:46 am

    A further follow-up, because I was once again having trouble getting this to work, on another machine: if the connect string “smb://domain;username@server/share” fails to connect, try replacing the server name with its IP address (see credits for this hint). Worked for me.

    Reply
  4. Amy Bennett says

    March 22, 2016 at 8:00 pm

    I’m trying to get this working as well. No matter what I do, it always asks me to give the password on reboot.
    I’m up to the stage of deleting the network passwords for the server from Keychain Access but I’m not sure what the entries should look like for a smb server.

    Reply
    • Philip Keller says

      March 29, 2016 at 3:19 am

      In Keychain Access, search for the server name. There should be an entry with Name=servername, Kind=”network password”, Account=domain\username, Where=smb://servername/…, Password=password.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

My Books

I’m a front end developer at Equinox OLI, working on open source library software. I was previously a freelance WordPress developer in higher education. You can get in touch here or on LinkedIn.

Copyright © 2023 Stephanie Leary · Contact