Information
While logged in, the keychain does not prompt the user for passwords for various systems and/or programs. This can be exploited by unauthorized users to gain access to password protected programs and/or systems in the absence of the user. Timing out the keychain can reduce the exploitation window.
Solution
Perform the following to implement the prescribed state:
Open Utilities
Select Keychain Access
Select a keychain
Select Edit
Select Change Settings for keychain <keychain_name>
Authenticate, if requested.
Change the Lock after # minutes of inactivity setting for the Login Keychain to an approved value that should be longer than 6 hours or 3600 minutes or based on the access frequency of the security credentials included in the keychain for other keychains.