One of my biggest small wins this month: learning how the macOS
security CLI tool works. It can store and retrieve Keychain entries:
security add-generic-password -a czottmann -s "My secret API key" -w asks for the PW and stores it.
security find-generic-password -a czottmann -s "My secret API key" -w retrieves and outputs it.
Super useful: if you store a password like this,
security automatically whitelists itself for password-less access to that particular password, meaning it’s trivial to fetch passwords from the Keychain in scripts.