One tool that we all use a lot as a developer is the command line tool, so why not use the next gen security in it ?

Why should we continue to type password when we can simply use our fingerprint with Touch ID as we do everywhere on our Mac ?

Let’s see how to change the sudo experience on MacOS by bringing Touch ID to it !

Open the command line tool and type :

# Open the sudo utility
sudo code /etc/pam.d/sudo

This will work only if you have VSCode installed on your MacOS. Be sure that VS Code path is declared on your machine as well.

Then you need to add this line at the TOP of everything :

auth       sufficient     pam_tid.so

Your sudo file should look like this :

Save the change, first VSCode will alert you that document is read only and need to be Overwrite, click on Overwrite. Then VSCode will alert you to try to Overwrite as Sudo, click on Overwrite as Sudo and your file will be overwritten with sudo access.

Open a new console, and try to use a sudo command, fingerprint with touch ID on your MacOS should now work !

Note that if you use sudo with touch ID and want to access your machine from somewhere else with SSH, you will not be able to sudo anymore as you’ll need to use touch ID for sudo command!

The good news with this method is even if someone manage to hack your password and enter your machine, the hacker will not be able to modify or install much as most of the time for writing on MacOS you need sudo access. Hacker will still be able to read everything though!