Since 1Password added Apple Watch unlock I’ve wondered if there are other situations when I need to enter my password where it instead require a click of my Watch instead. I recently came across an article about how to make sudo work with Touch ID, which is nice, but my iMac Pro doesn’t have Touch ID. I went searching though and found pam-watchid!
This is a PAM module for using the Watch – exactly what I want.
It’s Open Source, so you compile it yourself as per the README, so make sure you have Xcode or the Xcode Command Line Tools installed:
Download the latest ZIP file
Unzip, which by default creates a folder called pam-watchid-main
Open Terminal and install it:
$ cd ~/Downloads/pam-watchid-main
$ sudo make install
Regsiter the new PAM module for sudo:
Edit /etc/pam.d/sudo
Add a new line under line 1 (which is a comment) containing:
auth sufficient pam_watchid.so
(Leave all other lines in this file.)
That’s it. Now, whenever you use sudo, you have the option of using your Watch to authenticate.
Permanent link to this post here
