Opera asks for my keychain password on macOS – what do I do? Opera 53 has a new signing certificate
Hello,
We would like to let you know that we have updated our software signing certificate from Opera Software ASA to Opera Software AS. This is why your macOS is asking you to type in your keychain password and give Opera access to the information stored there. Please find more information below.
New signing certificate makes your system ask for your keychain password
Your macOS uses application signatures to ensure that the software you’re running is legitimate. The application signature is also used by macOS to regulate access to the keychain. Keychain is a service that allows applications to securely save passwords.
Opera only requests access to “Opera Safe Storage”, which is Opera’s own keychain item. It doesn’t request or try to get access to any other keychain item. Opera cannot access the rest of your keychain.
This is what happens in detail: Opera uses they keychain to save an encryption key that is, in turn, used to encrypt saved passwords and other privacy-sensitive profile data. If you’ve been using older versions of Opera, you might get this warning after an update to a new version that is signed with the new certificate:
Type in your password and click “Always Allow” to keep using your passwords saved in Opera
Because Opera’s signing certificate has changed, your system will ask for you to allow Opera to use information stored in your keychain. You should enter your macOS user password and click “Always Allow” to make sure Opera can keep accessing its encryption key as before. Clicking “Allow” will grant Opera access to your keychain for the current session, which means you will be asked again when you open the browser the next time.
If you click “Deny” your saved passwords and saved website cookies will not be available for the browsing session. You will see this notification again once you reopen Opera.
The Opera version you’ve updated to has the correct signature – otherwise, it wouldn’t start. But in case you’re wondering whether the version you downloaded has a valid signature, you can always run Terminal.app, type in this command and check for yourself:
codesign -dv --verbose=4 /Applications/Opera.app
In the resulting output you should see these lines:
Authority=Developer ID Application: Opera Software AS (A2P9LX4JPN) Authority=Developer ID Certification Authority Authority=Apple Root CA
This is also a good moment to remind our users that, for sake of security, software should be downloaded from its creators’ websites. In Opera’s case, this would be https://www.opera.com.