I wanted to create a Touchbar-Button that automatically pastes a password to the current cursor position. That button should be secured by Touch-Id.
Save Password at a secure location
The password should be stored at a secure location (e.g. in the Home-Directory of the Root-User).
sudo vim /var/root/masterpw
(You need the file path in the Automator-Script below)
I also consider storing the password on a YubiKey. But that is worth another blog post.
Create Quick Action in Automator
Automator is a default application of MacOS with that you can configure scripts for repetitive tasks.
Create and save a new Quick Action that runs the following AppleScript:
on run {input, parameters}
do shell script "sudo cat /var/root/masterpw"
tell application "System Events" to keystroke result
return input
end run
Configure Touch-ID to be used with sudo
Per default sudo-commands require the root-password and can not be authorised with Touch-ID.
That can be changed by adding the following line of code to the sudo-File:
sudo vim /etc/pam.d/sudo:
auth sufficient pam_tid.so
Add "Quick Actions" to Control Strip
Done!
Now you can paste the password into every application. Just Klick on the "Quick Actions"-Button on the Touchbar, then on "Master PW" and confirm via TouchId Fingerprint.
Security advice
Due to SSO and LDAP login at work for many services using the same password is wanted in my situation. I want to highlight that it is best practice to use a Password Manager and try to avoid sharing the same password across multiple services as much as possible.
Top comments (0)