Here is a repost of my suggestion from a similar thread, expanding on nelson's response. The advantage is that you do not need to disable iCloud Keychain globally to resolve this issue:
I too was facing this problem and came up with a slightly more elegant workaround.
In the end, I deleted all of the relevant Wi-Fi networks from iCloud Keychain and used configuration profiles to install the network credentials on the desired devices instead.
I have written a step by step guide for those not familiar with creating and installing .mobileconfig files for OSX & iOS.
We're going to create a config profile for each SSID and password combination and install those selectively on our devices.
- Install Apple Configurator (free) from the Mac App Store.
- Launch Configurator, proceed past first run screens.
- Select the Supervise tab from top toolbar of the main application window.
- Under All Devices > Settings > Profiles, click the '+' icon to create a new profile.
- Under the General tab, give the profile a name, I suggest the same as your first Wi-Fi SSID.
- On the left select Wi-Fi, click Configure.
- Enter the SSID in the SSID field. From Security Type, select Any (Personal).
- Enter the Wi-Fi password into the Password field.
- Click Save.
- Repeat steps 4-8 for your second and any other SSIDs.
- Select each of your profiles one by one and click the share icon to export the profiles.
Now that this is done, delete your SSID settings from iCloud keychain, e.g. on your Mac go to System Preferences > Network > Wi-Fi > Advanced and forget any of the SSIDs in question by selecting their names and clicking the '-' icon.
Keychain sync should forget these networks across the board, but you may need to repeat this step on your iOS devices by selecting 'Forget this network' from the SSID settings if it auto-connects undesirably. YMMV.
You are now ready to install the profiles by double clicking, or by opening from an email attachment on any iOS devices, accepting all security warnings.
Unfortunately I can offer no perfect solution however I can confirm this shortcoming in the iCloud Keychain sync. I've been able to reproduce this same behavior. Indeed a selective disabling ability in the keychain settings would do the trick. Until Apple implements functionality like that I think your options are
- turning off wi-fi on your phone when your near that hotspot
- turning off iCloud Keychain sync on your phone.
Because iCloud Keychain was delayed from the original release of iOS 7 I'm guessing Apple just didn't have time to implement finer grain controls on what is and isn't synced.
Best Answer
From the Finder of original keychain file, press Command+Shift+G to bring up Go To Folder and enter the path:
~/Library/Keychains/
Copy the ser “login.keychain” file to the new Mac, do this with AirDrop, Ethernet, USB or any external devices.
On the new Mac, press Command+Spacebar to open Spotlight and type “Keychain Access” then hit return, this launches the Keychain manager app
Pull down the “File” menu and select “Add Keychain” and browse to the keychain file you copied to the new Mac, selecting Add to import the stored keychain data to the new Mac
Hope this helps :)