Jump to content
Terminal

Secure Text Entry

Recommended Posts

Utilizing Alfred amazing launcher abilities, I've got a few workflows that include passing a password to a command, because I didn't want to type decrypt XXXXXXX (Password) I use a Applescript to prompt me for a secure entry dialog and pass that to my commands, any way to add a "Secure Entry" object that is configured to mask input and strip from debug logs ?

Share this post


Link to post
Share on other sites

Isn’t using the Keychain an option? You can save password there and read them back with the security CLI tool (bundled with macOS). It’s the method I use to save/read API keys in my Workflows.

Share this post


Link to post
Share on other sites
1 hour ago, vitor said:

Isn’t using the Keychain an option? You can save password there and read them back with the security CLI tool (bundled with macOS). It’s the method I use to save/read API keys in my Workflows.


Does this prompt you for your password or is it functional without those prompts ?

Share this post


Link to post
Share on other sites
2 hours ago, Terminal said:

Does this prompt you for your password or is it functional without those prompts ?

 

If your Keychain is locked, it will prompt you for your account password (to unlock the Keychain). If it is unlocked, it returns the password (or other information you request) without needing anything else.


But it does require that you add your passwords beforehand, which is why I asked if it was an option.


Examples, from PinPlus:

  • To add the Pinboard token to the Keychain as a password (could also do it via the GUI): security add-generic-password -a <ACCOUNT NAME> -s 'Pinboard API Token' -w <TOKEN>
  • To output the password (e.g. as input to a variable): security find-generic-password -s 'Pinboard API Token' -w
  • To delete the entry: security delete-generic-password -s 'Pinboard API Token'

 

Pinboard API Token in the examples could be anything, it’s a descriptor to interact with the specific entry.

Share this post


Link to post
Share on other sites
4 minutes ago, vitor said:

 

If your Keychain is locked, it will prompt you for your account password (to unlock the Keychain). If it is unlocked, it returns the password (or other information you request) without needing anything else.


But it does require that you add your passwords beforehand, which is why I asked if it was an option.


Examples, from PinPlus:

  • To add the Pinboard token to the Keychain as a password (could also do it via the GUI): security add-generic-password -a <ACCOUNT NAME> -s 'Pinboard API Token' -w <TOKEN>
  • To output the password (e.g. as input to a variable): security find-generic-password -s 'Pinboard API Token' -w
  • To delete the entry: security delete-generic-password -s 'Pinboard API Token'

 

 

Pinboard API Token in the examples could be anything, it’s a descriptor to interact with the specific entry.


this might be perfect actually ! Thanks for the idea. 

Share this post


Link to post
Share on other sites
7 hours ago, Terminal said:

Does this prompt you for your password or is it functional without those prompts ?

 

As a rule, you don't have to enter your password. Your Keychain is unlocked on login, and the software that saves a password automatically has access to it. You should be asked for your password and to allow access to an item if your workflow tries to read an item saved by another program.

 

You likely don't need to mess around with /usr/bin/security directly, either. wf.Keychain.Get() and wf.Keychain.Set().

Edited by deanishe

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...