Get Passwords From Mac's Keychain Access App In Rust

```cargo
[dependencies]
security-framework = "2.10"
```

use security_framework::passwords::get_generic_password;

fn main() {
    let key = "example-password-name";
    let account = "alan";
    match get_generic_password(key, account) {
        Ok(response) => println!("{}", String::from_utf8(response).unwrap()),
        Err(e) => println!("{}", e)
    }
}
TODO: Show Results Output

I don't like using plain-text config or .env files for storing passwords. Beyond the possibility of accidentally sending them to github I also stream which opens up an entirely new way to dox credentials.

Instead, I store credentails inside my system's password mananger and use them from there. Here's Rust the code I use to get a credentail from my mac's Keychain Access app.

When I run that code I get a system pop-up asking me for my user password.

My apologies. Alt text is currently offline. I'm working on an update to fix it.

When I enter it correctly the code can grab the password and use it from there. The chances of doxing myself aren't eliminated, but they go way down.

~ fin ~

Endnotes

  • This example is Rust. There are similar features available in other langauges and frameworks. And, worst case, Keychain Access has a command line interface so you could use it as an API if necessary.

  • Keychain Access is the macOS password mananger. Similar ones exist on Windows and Linux distributions.

References

  • It has 44 million downloads which is a nice indication that it's probably about as safe as you're gonna get

  • A fun little comic showing a good way to make strong passwords you can actually remember. (though, you should still be using a password mananger for everything you can)