Adding Touch ID to an external keyboard or closed MacBook on a Mac

If you're considering Smith.ai or an existing customer, you're someone who cares about productivity and making the most of your time. You know little things add up to be big annoyances. And one of those for anyone who works off a MacBook with an external keyboard is losing Touch ID and having to enter your password all the time.

Touch ID on your MacBook lets you quickly unlock your Mac, make purchases, authenticate system dialogs, and more. But it doesn't work when your Mac is closed and you're using an external display and keyboard. But in just a few steps with a Yubikey, you can be back to one-tap authentication. Yes, there is a solution for adding fingerprint login to your Mac!

This is for anyone who:

• Wants one-touch authentication on a Mac that doesn't have Touch ID
• Wants one-touch authentication on a Mac that has Touch ID, but closes the lid to use it on their desk

In this short tutorial, we'll show you what hardware to get, and how to set it up.

Step 1: Identify What Hardware You Need

A Yubikey is term for one of five models of usb password-generating and authentication devices made by Yubico. They are the industry standard for hardware Two-Factor Authentication/2FA. (When I was at Google, they actually had candy jars full of them on counters because of how many we'd need.) So, first figure out what kind of port you'll be plugging your Yubikey in to. It should be something near your keyboard, or the keyboard itself, and connected to your computer. This could be a keyboard with USB ports on the back, a display with USB ports on the side, or a USB hub that you attach to your closed laptop, for example.

• USB-A (the familar, flat rectangular USB we've all known for years and plug in wrong 50% of the time): Get a Yubikey 5 Nano
• USB-C (the rounded rectangle found on most products now): Get a Yubikey 5C or Yubikey 5C Nano

(We're linking to the manufacturer's website but you can find them elsewhere, too.)

Once you have it, let's continue. And we should note, these instructions are for a brand new Yubikey — we are not responsible for any crisis caused by overwriting configuration on an existing one!

Step 2: Configure it with Your System Password

First, download the YubiKey personalization tool, here. Then follow the instructions in this video to configure it with your system password.

Please open a text editor and verify that it's working. To do this, hold your finger on the Yubikey for 3-4 seconds and it should type out your password. If it doesn't, please repeat these steps:

1. Open the Yubikey Personalization Tool.
2. Verify that your Yubikey is inserted — you should see "Yubikey is inserted" in the right column and some statistics about your Yubikey.
3. Choose "Static Password" from the top tabs, and select "Configuration Slot 2"
4. Choose "US Keyboard" for Keyboard
5. Type your password in the input marked "Password."
6. Press "Write Configuration"

Now try it again in the text editor. It should work.

Step 3: Switching From Long-Press to Short-Press

Your Yubikey has two "slots" to generate passwords. It comes from the factory with Slot 1 programmed for Yubico OTP (One-Time Password) on just a tap. We want that "tap" but we don't need to lose the Yubico OTP. So, we'll now swap those slots.

1. In the Personalization Tool, go to Settings -> Update Settings... (it's a button at the bottom on the main "Settings" Screen)
2. Select "Slot 1"
3. Press "Swap"

You've now swapped the Yubico OTP to long-press (Slot 2), and your system password to just a tap, via Slot 1. Test that out in your text editor to verify it.

That's it. Congratulations. You can now enter your system password with just a tap on Mac OS X. Whether you never had a Mac with Touch ID at all, or you have one but it's closed when it's in use on your desk, you now can deal with the 20 password dialogs per day with ease.

🚨 Super important note about security! 🚨

Ok, this is important: What you're doing is a major security risk. With TouchID, your finger is your password, and your finger goes with you. Therefore, don't leave your Yubikey plugged in when you are not around, don't leave it in any accessible places, and so on. Anyone who has access to it could have access to your private information by unlocking your computer.

What Next? What Else Can I Do with This?

What you do with Slot 2, the long-press, is up to you. If you use 1Password, our favorite password manager at Smith.ai, you may want to use a separate password for 1Password for security purposes and configure your Yubikey with that password. You can also use it as your main 2FA Authentication generator, a hardware authentication for a specific service or app, and more.