Get Keychain Passwords from Command Line

By  on  

One of my favorite command line utilities is Guillermo Rauch's wifi-password, a utility that allows you to get a saved password for the wifi network you're presently connected to (to share with colleagues or creeper in the cafe you're in).  The idea of being able to get a password from command line is super useful, especially when it comes to retrieving a password for a website.

If I don't recall a password but know that Mac OS' keychain has it, I need to open my browser, go to the desired website, use the developer tools to change the input type from password to text, a process that takes far too long for my liking.  Shouldn't getting a password from keychain be faster?  It can be with security:

sudo security find-internet-password -gs www.facebook.com

The snippet above queries the keychain (sometimes triggering a system permission dialog or two along the way), returning the account (username or email) and password registered on my system for the given domain!

keychain: "/Users/myuser/Library/Keychains/login.keychain-db"
version: 512
class: "inet"
attributes:
   0x00000007 <blob>="www.facebook.com"
   0x00000008 <blob>=<NULL>
   "acct"<blob>="myemailaddress@gmail.com"
   "atyp"<blob>="form"
   "crtr"<uint32>="rimZ"
   "cusi"<sint32>=<NULL>
   "desc"<blob>=<NULL>
   "icmt"<blob>=<NULL>
   "invi"<sint32>=<NULL>
   "nega"<sint32>=<NULL>
   "path"<blob>="/"
   "port"<uint32>=0x00000000
   "prot"<blob>=<NULL>
   "ptcl"<uint32>="htps"
   "scrp"<sint32>=<NULL>
   "sdmn"<blob>=<NULL>
   "srvr"<blob>="www.facebook.com"
   "type"<uint32>=<NULL>
password: "wouldntyouliketoknow"

If you've not explored the security utility, I highly recommend it.  You can get an exported credential list, set passwords, create new dictionaries and more!

Recent Features

  • By
    An Interview with Eric Meyer

    Your early CSS books were instrumental in pushing my love for front end technologies. What was it about CSS that you fell in love with and drove you to write about it? At first blush, it was the simplicity of it as compared to the table-and-spacer...

  • By
    CSS Animations Between Media Queries

    CSS animations are right up there with sliced bread. CSS animations are efficient because they can be hardware accelerated, they require no JavaScript overhead, and they are composed of very little CSS code. Quite often we add CSS transforms to elements via CSS during...

Incredible Demos

  • By
    Fix Anchor URLs Using MooTools 1.2

    The administrative control panel I build for my customers features FCKEditor, a powerful WYSIWYG editor that allows the customer to add links, bold text, create ordered lists, and so on. I provide training and documentation to the customers but many times they simply forget to...

  • By
    Introducing MooTools Dotter

    It's best practice to provide an indicator of some sort when performing an AJAX request or processing that takes place in the background. Since the dawn of AJAX, we've been using colorful spinners and imagery as indicators. While I enjoy those images, I am...

Discussion

  1. To get a password from macOS’ keychain you can use “Keychain Access.app” https://support.apple.com/kb/PH20093

  2. Billy Matthews

    I can see the usefulness of accessing this via the command line. But instead of fiddling with the dev tools and input types, why wouldn’t you just use spotlight to open the keychain directly and search from the GUI there? That seems faster than any of these methods.

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!