Details
While logged in, the keychain does not prompt the user for passwords for various systems and/or programs. This can be exploited by unauthorized users to gain access to password protected programs and/or systems in the absence of the user.
Solution
Perform the following to implement the prescribed state:
Open Utilities
Select Keychain Access
Select a keychain
Select Edit
Select Change Settings for keychain
Authenticate, if requested.
Select Lock when sleeping setting
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.