sudo Touch ID on MacBook

To let Touch ID on your Mac authenticate you for sudo access instead of a password, do the following.

  • Open Terminal
  • Switch to the root user with sudo su -
  • Edit the /etc/pam.d/sudo file with a command-line editor such as nano
  • The contents of this file should look like one of the following examples:
# sudo: auth account password session
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Add an auth line for pam_tid.so at the top so the file now looks like this:

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so
  • Save the file. (Note: this file is normally read-only so saving your changes may require you to force the save)
  • Also note that pam_smartcard.so may not be present on older macOS versions.
  • Exit from the root user or start a new terminal session.
  • Try to use sudo, and you should be prompted to authenticate with Touch ID.
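
The order of the auth lines matters: a "sufficient" module only short-circuits the stack if it runs before the "required" one. The script below is an added example, not part of the original page. It checks that ordering and produces the edited file from a copy instead of editing /etc/pam.d/sudo in place; the function names pam_tid_ok and with_pam_tid are hypothetical, and the sample file is constructed from the listing above.

```shell
#!/bin/sh
# Added example: works on a copy of the PAM file, never on /etc/pam.d/sudo itself.
TID_LINE='auth       sufficient     pam_tid.so'

# Succeed only if an active "auth sufficient pam_tid.so" line appears before
# the first "auth required" line, so Touch ID is offered before the password.
pam_tid_ok() {
    awk '
        $1 == "auth" && $2 == "sufficient" && $3 == "pam_tid.so" { found = 1; exit }
        $1 == "auth" && $2 == "required" { exit }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Print the file with the pam_tid.so line placed ahead of the first auth line.
# Already-correct input is printed unchanged; a misplaced copy is dropped.
with_pam_tid() {
    if pam_tid_ok "$1"; then
        cat "$1"
        return
    fi
    awk -v line="$TID_LINE" '
        !done && $1 == "auth" { print line; done = 1 }
        $1 == "auth" && $3 == "pam_tid.so" { next }
        { print }
    ' "$1"
}

# Demo on a constructed copy of the stock file shown above.
demo() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
# sudo: auth account password session
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so
EOF
    with_pam_tid "$tmp" > "$tmp.new"
    pam_tid_ok "$tmp.new" && echo "pam_tid.so precedes the required auth module"
    diff "$tmp" "$tmp.new" || true   # diff exits 1 when the files differ
    rm -f "$tmp" "$tmp.new"
}
demo
```

Run pam_tid_ok against a copy of your edited file before you close the root shell, so a misplaced or mistyped line is caught while you can still fix it.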