Supports macOS Sequoia Learn More

XCreds

Log in to your Mac with your Cloud Password

Buy Download Trial

Cloud Login at the Login Window

XCreds supercharges your Mac login window. Use your Azure, Google Cloud, Okta or any OpenID Connect password to log in to your Mac. XCreds verifies the password with your identity provider and saves the tokens to the user keychain for validation that the cloud password is in sync with the local password. Perfect.

Single Sign-On with Autofill

XCreds includes a credential provider for autofill. Whenever an app or website requests your cloud password, simply use Touch ID to insert your cloud username and password. Since your cloud password is stored in your keychain, it is protected by your password and by your fingerprint.

New Account Creation

Brand new Mac? No worries! XCreds will provision the user account, home directory and all that you need for first log in. All you need to do is log in. If WiFi is not set up, XCreds allows you to select a wireless network for that first connection. Easy as that.

Easy Configuration

XCreds uses configuration profiles for all settings. Create the configuration profile using Profile Creator and drop it into your MDM. Done.

Offline Access

Getting on a plane and no WiFi but still need to log in? Want to log in as a local user or an admin account? XCreds can easily switch to the standard macOS Login Window. Just like that.

Password Syncing

XCreds works by keeping your local Mac password in sync with your Identity Provider password. If you use Azure or Google or another identity provider, XCreds will make sure the password is the same. XCreds runs in the background and checks if the cloud password has been changed. If it detects the password has changed, it prompts to log in to the cloud provider and updates the local password and the keychain password automatically.

Active Directory Login

Log in with local Active Directory user accounts right from the XCreds login window. Even if the user has not logged in before, a local account will be provisioned and the local password will be set to the Active Directory password. Once the user has logged in, a kerberos ticket will be requested for Active Directory Single Sign-On. On subsequent logins, the local password will be updated to match the Active Directory password.

See It In Action


See What's New In XCreds 5

XCreds Features

  • Login Window log in to OIDC provider
  • Support for Azure, Google Cloud, Okta and any OIDC provider
  • Initial account provisioning
  • WiFi Login Window configuration
  • Restart and shutdown from Login Window
  • Profile manifest available for easy configuration
  • Local password update with IdP password
  • Prompt for IdP password when changed
  • Login Keychain password updating
  • Customizable preferences
  • Easy deployment
  • Uses OpenID Connect
  • Autofill cloud credential provider
  • Multiple monitors
  • Customized Menu Icon
  • Customize Password Reset Text
  • Customize Refresh Banner
  • AD Mapping
  • Map UID
  • Custom Keyboard Shortcut
  • Attractive and pleasing menu icon
  • Easy configuration with profile / MDM
  • Profile Manifest for Profile Creator Support
  • Two-Factor and Multi-Factor support
  • New username and password window
  • Able to create a user as an admin using group member preference
  • Kerberos ticket
  • Switch to login window at screensaver
  • Reset keychain
  • Most preferences are now able to be overridden
  • Added shake to the password field
  • System Information on Login Window
  • Admin Account Creation
  • Offline Authentication
  • Full Name Login
  • Force Show Local User Login
  • Add AD Attributes to local user
  • Customize Local Password Prompt
  • Require Member of Group to Login
  • Map for Password Expiration

Pricing


See info for education organizations



  • Small Organization
  • $600
  • starting at

  • ✓ Install on up to 200 Macs
    ✓ $3 per additional Mac
    ✓ 1 year basic support

    Request Quote

Buy Now
  • Business and Government
  • $3000
  • starting at

  • ✓ Install on up to 1000 Macs
    ✓ $3 per additional Mac
    ✓ 1 year premium support

    Request Quote

Buy Now
Buy Now

Open Source

XCreds is open source software so you can deploy it to all your Macs, audit the code, make changes, and know that it will be around when you need it. If you need support for your organization, there is a public Slack channel on MacAdmins Slack.

Reduce Support Costs

When the local password is different from cloud passwords, it can drive up support costs. Using XCreds, any change in the cloud password is detected and the local password is updated along with the login keychain.

Resources

System Requirements

  • Version history
  • Intel-based or Apple Silicon Mac
  • macOS 14 Sonoma or 15 Sequoia

Learn More

Keep In Touch

Connect With Us

Sign Up for XCreds Security and Product Updates

Enter your information below to receive email updates when there is new information specifically regarding this product and how to use it. Alternatively, to receive email updates for general information from Twocanoes Software, please see the Subscribe page.

Name

XCreds News & Tips


Knowledgebase

Setting Up XCreds with Auth0

 January 13, 2025
If you use Auth0 as your identity provider (IdP), XCreds can authenticate using OIDC to your IdP. The instructions below will walk you through setting…
Read More
Knowledgebase

Capturing XCreds Logs

 December 30, 2024
XCreds logs in 2 different locations: /tmp/xcreds/xcreds.log The Library folder in the user's home directory (~/Library/Logs/xcreds.log) The log located in /tmp/xcreds/xcreds.log shows entries from the…
Read More