sudo with Touch ID

As a programmer, you might have come across the sudo command while working on the terminal. sudo, short for “superuser do”, is a widely used command in Unix-based operating systems such as Linux and macOS. It allows a user with administrative privileges to execute commands that are restricted to the root user.

One of the disadvantages of sudo is that it asks for your password. It’s 2023 and passwords should be a thing of the past, since all our devices are equipped with biometric sensors.

Turns out it’s effortless to make sudo work with the Touch ID sensor in your Mac’s keyboard.

First, open up a terminal and type: sudo nano /etc/pam.d/sudo

Next, enter your password. This will be the last time you ever do.

Finally, add this line to the top of the file:

auth       sufficient     pam_tid.so

The full file should be something like this:

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Save the file by pressing control+x and confirm that you want to save it by pressing y.

The next time you sudo, you will be asked for your fingerprint:

And as a nice bonus: if you have an Apple Watch that you’ve enabled to unlock your Mac, you can use this too to confirm your idenity.