Recent macbooks have a fingerprint reader, which is typically used to unlock the computer and log in.

It is also possible to use it for sudo authentication via PAM.

This was previously covered here.

Now, with macOS Sonoma, it’s also possible to make this setting survive OS upgrades.

% sudo cp /etc/pam.d/sudo_local{.template,}
% sudo $EDITOR /etc/pam.d/sudo_local

Then uncomment (or add, if not existing) the following line:

auth       sufficient

You can test it out by opening a new terminal and executing sudo echo.