iCloud Keychain is a handy feature for Apple users that provides a secure and convenient way to manage passwords and other sensitive information. With iCloud Keychain, you can securely store your login credentials, credit card information, Wi-Fi passwords, and other important data on your Apple devices.
At its core, iCloud Keychain champions data security. It ensures data security with end-to-end encryption, allowing only trusted devices linked to your iCloud account to access the information. Moreover, iCloud Keychain bolsters security with biometric authentication methods like Touch ID or Face ID.
Overall, iCloud Keychain is a potent tool that makes it easy to manage your passwords and other sensitive information securely across all your Apple devices. If you're not already using it, you should consider turning it on to take advantage of its many benefits.
Apple has made significant strides in enhancing its password management capabilities with the introduction of new features in iOS 15, macOS Monterey, and beyond. In the past, iCloud Keychain was a somewhat passive password manager that would occasionally pop up unexpectedly to suggest strong passwords or autofill information, leaving users confused. However, with the latest updates, iCloud Keychain has become more proactive and now scans for potential password breaches, alerts users to repeated passwords, and even enables two-factor authentication (2FA).
Tap Settings, tap [your name] and then choose iCloud Tap Passwords and Keychain Turn on iCloud Keychain.
Choose Apple menu System Settings (or System Preferences) Click your name, then click iCloud Turn on Password & Keychain.
Using a password manager is essential in today's digital age. With so many accounts to keep track of, it's easy to fall into the trap of using the same password across multiple accounts or using weak passwords that are easy to guess. Apple has made it easy for users to manage their passwords by providing a built-in password manager that syncs across all Apple devices.
To access the password manager on your Apple device, go to Settings (iOS) or System Preferences (macOS) and locate the Passwords option. However, revisiting this location each time can be time-consuming.
To streamline the process and easily access your passwords, use the Passwords shortcut. For iOS and iPadOS users, it's a single tap from the home screen, while macOS users can find it in the menu bar. Make sure you have the Apple Shortcuts app installed, and then download the Passwords Shortcut or follow the provided instructions to download and run the script. This script retrieves the shortcut and configures your terminal environment for Touch ID, simplifying your authentication process.
Macs have a fingerprint scanner (Touch ID) to simplify the login process. iCloud Keychain works best when you leverage Apple’s biometric system to make filling passwords quick and easy. Then you won’t need to type your Apple ID password or passcode whenever you need to fill in a field, but this is not activated by default in the terminal, which means that when you run programs with security privileges, you need to type the password.
You can either manually set up Touch ID in your terminal by following the provided steps, or use the script for an automated process:
Note: Modifying PAM (Pluggable Authentication Module) configurations requires careful consideration due to its sensitive nature. It's imperative to fully comprehend each step and command involved in this process. Before making any changes, it is crucial to have up-to-date backups of your system to ensure safety and security. Proceed with caution and informed understanding.
-
Open Terminal: Start by launching the Terminal application on your Mac.
-
Edit Configuration: Open the
/etc/pam.d/sudo
file in a text editor. For example, using nano, enter:sudo nano /etc/pam.d/sudo
-
Integrate Touch ID: At the top of the file, add the following line:
auth sufficient pam_tid.so
-
Save Changes: After adding the line, save your changes and exit the text editor.
Following these steps enables Touch ID authentication for the sudo command in Terminal, allowing fingerprint verification instead of a password prompt.
macOS Sonoma introduced /etc/pam.d/sudo_local
, a new file to maintain Touch ID configurations for sudo across system updates. Here's the setup process:
-
Check for the template: macOS Sonoma includes a
sudo_local.template
file. Ensure its existence with:ls /etc/pam.d/sudo_local.template
-
Create File: If the
sudo_local.template
exists, copy it to createsudo_local
:sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local
-
Edit sudo_local configuration: Open
sudo_local
in a text editor, for example:sudo nano /etc/pam.d/sudo_local
-
Uncomment Touch ID rule: Uncomment the Touch ID rule by removing the `#`` at the beginning of the line:
#auth sufficient pam_tid.so
to:
auth sufficient pam_tid.so
-
Save and Test: After editing, save the changes, close the editor, and test the new configuration by using the sudo command in Terminal.
These steps enable Touch ID authentication for sudo commands on macOS Sonoma and later versions. For automated setup, consider using a script as outlined below.
Keyave is a script designed to automate the setup of Touch ID authentication for terminal operations on Mac, replacing the need for password entry. Choose from two methods for installation:
Automatic Download via curl
: Simply execute the following command in your terminal to quickly download and seamlessly install the utility:
zsh -c "$(curl -fsSL https://raw.githubusercontent.com/nicolodiamante/keyave/HEAD/bootstrap.zsh)"
Manual Cloning: For those who prefer a hands-on approach, you can manually clone the repository to your desired location (~/keyave
in this case):
git clone https://github.com/nicolodiamante/keyave.git ~/keyave
Directory Navigation & Script Execution: Navigate to the root directory of the repository, and then execute the installation script using the following command:
source utils/install.zsh
The script first determines the macOS version on your Mac. For macOS Sonoma (version 14) and later, it modifies the sudo_local
file to enable Touch ID authentication for sudo commands. This is achieved by copying a template file and adjusting its settings to incorporate Touch ID support. If the system is running an earlier version of macOS, the script instead modifies the sudo
file directly to enable Touch ID, adding the necessary configuration at the top of the file. In both scenarios, a backup of the original file is created for safety. The script is tailored to enhance security on Mac models with Touch ID capability.
Apple's iCloud Keychain is a user-friendly password management solution seamlessly integrated into the macOS ecosystem. It's ideal for casual users and families looking for simplicity. Besides password storage, it securely handles credit card data and syncs across Apple devices. With end-to-end encryption and biometric authentication, it's cost-effective and proactive against password breaches. Recent updates enable third-party app integration. iCloud Keychain combines ease of use, strong security, and broad functionality, making it a standout password manager choice.
To access the Shortcut using Spotlight, follow these steps:
Open the Shortcuts app on your Mac Open Passwords Click on the File menu in the top-left corner of the screen Click on Add to Dock from the dropdown menu.
Once you add the Shortcut to your Dock, it becomes readily accessible. You can also use Spotlight to open it by simply typing the Shortcut's name. After adding it to Spotlight, you have the option to remove the Shortcut from the Dock if you prefer. This method offers a quick and convenient way to access your password manager, ensuring efficient management of your passwords.
In Apple's default terminal it works like a charm, but in iTerm2 it needs additional configuration.
Go to Prefs Advanced Allow sessions to survive logging out and back in Set the value to no Restart iTerm.
iCloud may be Apple’s thing, but you can still get your passwords even if you have an iPhone and a PC. You’ll need to download iCloud for Windows first and ensure it’s updated to the latest version. Then you’ll need to grab the iCloud Passwords extension in the Chrome store and sign in to turn on both. Once you enter your verification code, you can grab passwords from your iCloud Keychain when visiting a site in Chrome on your PC, just as if you were using Safari on your Mac.
- Set up iCloud Keychain
- iCloud data security overview
- Two-factor authentication for Apple ID
- How to find saved passwords and passkeys on your Mac
- How to find saved passwords and passkeys on your iPhone
- Use Touch ID on Mac
- Shortcuts User Guide
Any suggestions or feedback you may have for improvement are welcome. If you encounter any issues or bugs, please report them to the issues page.