Get Keychain Passwords from Command Line
One of my favorite command line utilities is Guillermo Rauch's wifi-password, a utility that allows you to get a saved password for the wifi network you're presently connected to (to share with colleagues or creeper in the cafe you're in). The idea of being able to get a password from command line is super useful, especially when it comes to retrieving a password for a website.
If I don't recall a password but know that Mac OS' keychain has it, I need to open my browser, go to the desired website, use the developer tools to change the
text, a process that takes far too long for my liking. Shouldn't getting a password from keychain be faster? It can be with
sudo security find-internet-password -gs www.facebook.com
The snippet above queries the keychain (sometimes triggering a system permission dialog or two along the way), returning the account (username or email) and password registered on my system for the given domain!
keychain: "/Users/myuser/Library/Keychains/login.keychain-db" version: 512 class: "inet" attributes: 0x00000007 <blob>="www.facebook.com" 0x00000008 <blob>=<NULL> "acct"<blob>="email@example.com" "atyp"<blob>="form" "crtr"<uint32>="rimZ" "cusi"<sint32>=<NULL> "desc"<blob>=<NULL> "icmt"<blob>=<NULL> "invi"<sint32>=<NULL> "nega"<sint32>=<NULL> "path"<blob>="/" "port"<uint32>=0x00000000 "prot"<blob>=<NULL> "ptcl"<uint32>="htps" "scrp"<sint32>=<NULL> "sdmn"<blob>=<NULL> "srvr"<blob>="www.facebook.com" "type"<uint32>=<NULL> password: "wouldntyouliketoknow"
If you've not explored the
security utility, I highly recommend it. You can get an exported credential list, set passwords, create new dictionaries and more!