Get Keychain Passwords from Command Line

By  on  

One of my favorite command line utilities is Guillermo Rauch's wifi-password, a utility that allows you to get a saved password for the wifi network you're presently connected to (to share with colleagues or creeper in the cafe you're in).  The idea of being able to get a password from command line is super useful, especially when it comes to retrieving a password for a website.

If I don't recall a password but know that Mac OS' keychain has it, I need to open my browser, go to the desired website, use the developer tools to change the input type from password to text, a process that takes far too long for my liking.  Shouldn't getting a password from keychain be faster?  It can be with security:

sudo security find-internet-password -gs www.facebook.com

The snippet above queries the keychain (sometimes triggering a system permission dialog or two along the way), returning the account (username or email) and password registered on my system for the given domain!

keychain: "/Users/myuser/Library/Keychains/login.keychain-db"
version: 512
class: "inet"
attributes:
   0x00000007 <blob>="www.facebook.com"
   0x00000008 <blob>=<NULL>
   "acct"<blob>="myemailaddress@gmail.com"
   "atyp"<blob>="form"
   "crtr"<uint32>="rimZ"
   "cusi"<sint32>=<NULL>
   "desc"<blob>=<NULL>
   "icmt"<blob>=<NULL>
   "invi"<sint32>=<NULL>
   "nega"<sint32>=<NULL>
   "path"<blob>="/"
   "port"<uint32>=0x00000000
   "prot"<blob>=<NULL>
   "ptcl"<uint32>="htps"
   "scrp"<sint32>=<NULL>
   "sdmn"<blob>=<NULL>
   "srvr"<blob>="www.facebook.com"
   "type"<uint32>=<NULL>
password: "wouldntyouliketoknow"

If you've not explored the security utility, I highly recommend it.  You can get an exported credential list, set passwords, create new dictionaries and more!

Recent Features

Incredible Demos

  • By
    Flexbox Equal Height Columns

    Flexbox was supposed to be the pot of gold at the long, long rainbow of insufficient CSS layout techniques.  And the only disappointment I've experienced with flexbox is that browser vendors took so long to implement it.  I can't also claim to have pushed flexbox's limits, but...

  • By
    Check All/None Checkboxes Using MooTools

    There's nothing worse than having to click every checkbox in a list. Why not allow users to click one item and every checkbox becomes checked? Here's how to do just that with MooTools 1.2. The XHTML Note the image with the ucuc ID -- that...

Discussion

  1. To get a password from macOS’ keychain you can use “Keychain Access.app” https://support.apple.com/kb/PH20093

  2. Billy Matthews

    I can see the usefulness of accessing this via the command line. But instead of fiddling with the dev tools and input types, why wouldn’t you just use spotlight to open the keychain directly and search from the GUI there? That seems faster than any of these methods.

  3. iPoul

    Would be better if you could search for the password itself, to see where it’s used. Then you would know where to update in case of an adobe breach. xD

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!