One tool that we all use a lot as a developer is the command line tool, so why not use the next gen security in it ?
Why should we continue to type password when we can simply use our fingerprint with Touch ID as we do everywhere on our Mac ?
Let’s see how to change the
sudo experience on MacOS by bringing Touch ID to it !
Open the command line tool and type :
# Open the sudo utility sudo code /etc/pam.d/sudo
This will work only if you have VSCode installed on your MacOS. Be sure that VS Code path is declared on your machine as well.
Then you need to add this line at the TOP of everything :
auth sufficient pam_tid.so
sudo file should look like this :
Save the change, first VSCode will alert you that document is read only and need to be Overwrite, click on
Overwrite. Then VSCode will alert you to try to Overwrite as Sudo, click on
Overwrite as Sudo and your file will be overwritten with
Open a new console, and try to use a sudo command, fingerprint with touch ID on your MacOS should now work !
Note that if you use sudo with touch ID and want to access your machine from somewhere else with SSH, you will not be able to sudo anymore as you’ll need to use touch ID for sudo command!
The good news with this method is even if someone manage to hack your password and enter your machine, the hacker will not be able to modify or install much as most of the time for writing on MacOS you need
sudo access. Hacker will still be able to read everything though!