DEV Community

Max
Max

Posted on

Create secure Touchbar-Quickaction

I wanted to create a Touchbar-Button that automatically pastes a password to the current cursor position. That button should be secured by Touch-Id.

Save Password at a secure location

The password should be stored at a secure location (e.g. in the Home-Directory of the Root-User).

sudo vim /var/root/masterpw
Enter fullscreen mode Exit fullscreen mode

(You need the file path in the Automator-Script below)

I also consider storing the password on a YubiKey. But that is worth another blog post.

Create Quick Action in Automator

Automator is a default application of MacOS with that you can configure scripts for repetitive tasks.

Create and save a new Quick Action that runs the following AppleScript:
Image description

on run {input, parameters}
    do shell script "sudo cat /var/root/masterpw"
    tell application "System Events" to keystroke result
    return input
end run
Enter fullscreen mode Exit fullscreen mode

Configure Touch-ID to be used with sudo

Per default sudo-commands require the root-password and can not be authorised with Touch-ID.

That can be changed by adding the following line of code to the sudo-File:

sudo vim /etc/pam.d/sudo:

auth       sufficient     pam_tid.so
Enter fullscreen mode Exit fullscreen mode

Add "Quick Actions" to Control Strip

Image description

Image description

Done!

Now you can paste the password into every application. Just Klick on the "Quick Actions"-Button on the Touchbar, then on "Master PW" and confirm via TouchId Fingerprint.

Security advice

Due to SSO and LDAP login at work for many services using the same password is wanted in my situation. I want to highlight that it is best practice to use a Password Manager and try to avoid sharing the same password across multiple services as much as possible.

Top comments (0)