View this article at: http://dev.macnn.com/articles/07/04/27/maclockpick.released
Friday, Apr 27, 2007 11:10am
MacLockPick utility extract...
SubRosaSoft.com today released MacLockPick, a new live forensics tool for extracting passwords, internet history, and system settings from Mac OS X systems. The utility is designed for law enforcement professionals to perform live forensics and is based on a USB Flash drive that users insert into a suspect's Mac OS X system -- running or sleeping -- to extract data from the Apple Keychain as well as system settings, providing examiners with fast access to critical information with as little interaction or trace as possible. MacLockPick is priced at $500 for licensed investigators, or $450 for State and local law enforcement professionals. Licenses for Federal law enforcement officers as well as purchases of five or more copies are available for $400 each.

The software compiles a database of the suspect's information on the Flash drive so that it can be easily transported away from the suspect system; the database is accessible via included log readers on other Mac OS X, Linux, and Microsoft Windows systems. The application works to obtain Apple Keychain passwords, including those for the logged-in user, general passwords such as those for encrypted disk images or Wi-Fi base stations, and internet-related passwords including login and password details for websites as well as email accounts. File and folder details collected include folder dates, with a list of all the key user folders along with their creation, last modification, first access, and most recent access dates. Paths to the most recent disk images that were mounted on the subject Mac are also collected, along with full paths to recent files viewed in the Preview program and file names for recently viewed QuickTime movies. MacLockPick extracts the subject's instant messaging default login for iChat as well as a complete buddy list, including buddies who were already deleted. Email information is also collected, including account details with login names and server addresses used, alongside Address Book contents -- including contacts that were deleted. The utility also collects Web history and preferences such as search strings or cached bookmarks, and hardware preferences including serial numbers of iPods that were connected to the Mac or Bluetooth devices that were paired with the system.