Mac: Use Touch ID to Authenticate Sudo Commands

less than 1 minute read

On newer MacBook Pros, you can add Touch ID as an acceptable method of authenticating sudo commands. This is done by editing the /etc/pam.d/sudo file:

$ cat /etc/pam.d/sudo
# sudo: auth account password session
auth       sufficient
auth       required
account    required
password   required
session    required

$ sudo edit /etc/pam.d/sudo

Update the file to include the following line after the # sudo ... line:

auth       sufficient