9to5Mac Security Bite is exclusively brought to you by Mosyle,the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.One of the greatest benefits of Touch ID on Mac is rarely having to type your password when making purchases, signing into apps, and, of course, unlocking the device. It might be ancient technology to the iPhone at this point, but it continues to be a default luxury on Mac. If you frequent Terminal, youll be glad to know you can also authenticate as administrator with Touch ID for all the sudo goodness with one tap.The ability to use Touch ID for sudo has been around for years. It takes 60 seconds to set up and requires us to make just a few edits to system configuration files on macOS. Painfully, until Sonoma, Apple would revert these changes with every new release of macOS, requiring the user to again type the sudo password to authenticate. Im going to show you how to implement Touch ID for sudo in a way that wont be overwritten.As a reminder, Apple stores Touch ID data the same way as Face ID: locally on the device with AES-256 encryption and processed by the Secure Enclave only when its needed. It is never sent to Apple servers or backed up to iCloud. In fact, data is not even accessible to the operating system. The Secure Enclave simply returns a yes or no if the authentication is successful. How to enable Touch ID for sudoIm using macOS Sequoia 15.4, but this will work on any version of macOS after 10.15 Catalina for Macs with that magical fingerprint sensor in the top right of the keyboard. Im using Terminal, but this should also work on any emulator that supports the Pluggable Authentication Module (PAM).1. Copy and create new configuration fileFirst, copy the default template configuration file provided by Apple and create a new one called sudo_local. We copy the template file instead of modifying it directly to ensure that it doesnt get overwritten when the version of macOS drops.sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local2. Edit the sudo_local fileNext, open the newly created sudo_local file with your preferred text editor. Nano is my fav (:sudo nano /etc/pam.d/sudo_localIn the file, uncomment the line containing pam_tid.so by removing the #. Hit Allow on any system prompts that may appear. 4. Touch but verifyThats it! Now, lets verify that it works. Open a new Terminal session and run a sudo command to test the setup. Youll now get a prompt to use Touch ID for authentication instead of typing your system password out. You can revert back to typing in your password by simply commenting the auth line we uncommented in step 3.Enjoy! Follow Arin: Twitter/X, LinkedIn, ThreadsAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel