Apple - How can I be auto logged in with the computer locked?

I outlined how to do this at http://www.tuaw.com/2011/03/07/terminally-geeky-use-automatic-login-more-securely/ but I will summarize it for you:

  1. set your account to autologin
  2. create a login item (using launchd) which calls:

/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend

NOTE: that command should be ONE LONG LINE not two lines with a line break/line feed.

A more thorough explanation is available at TUAW, so I won't repeat it all here, because those are the relevant details.

What it does:

The idea is very simple, your account is set to auto-login, so all of your login items will run, however, one of those login items (the CGSession command listed above) will tell the loginwindow to appear. If you have used Fast User Switching before, you will be familiar with how it works.

"But what if someone holds down the shift key to stop autolaunching?"

In my testing, that will also prevent the user from being automatically logged in.

Is this 100% as safe as not using auto-login?

Probably not, but I'd consider it close to 99.999% as safe.

That said, use at your own risk, etc.


Since not everybody is familiar with creating a launchd / launchctl script, here's how you do it.

This explains step two of @TJ Luomas' answer and provides another option for locking your computer based on @jordanbtucker's answer:

  1. Set your account to auto login

  2. Open TextEdit and create a new file containing the following

    #!/bin/bash

/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend
    • Another option is to put the screen to sleep combined with requiring a password every time your computer wakes from sleep, which keeps more processes enabled

    • To use this alternate method:

      • Go to System Preferences > Security & Privacy > General and enable Require password immediately after sleep or screen saver begins

      • Use this script instead

        #!/bin/bash

pmset displaysleepnow

  3. Name the file suspend.sh and save it to your User folder (~)

    • Starting in Catalina, launchd may not be able to access the script from your User folder due to new privacy restrictions; I have confirmed it works from your Applications folder without requiring any privilege changes

  4. Open TextEdit and create a new file with the following content

    <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.fl034.suspendAfterLogin</string>
    <key>Program</key>
    <string>/Users/fl034/suspend.sh</string>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
    • Replace fl034 with your username
    • Ensure the Program path matches the location you chose in step 3

  5. Save the file to ~/Library/LaunchAgents/com.fl034.suspendAfterLogin.plist, replacing fl034 with your username

  6. Restart your Mac to see if it works

WARNING: This script leads to problems with App Store.app in macOS Catalina

Tags:

Macos

Mac

Macbook Pro

Related

Apple - "USB device drawing too much power" error on startup with no devices connected Apple - iOS reply to email with attachment Apple - Problems with font rendering on a MacBook Pro using external 24" LCD Apple - How can I prevent an SSH session from hanging in OS X Terminal? Apple - How can I disable Safe Boot or the Shift Key? Apple - How does one type an "É" (capital e acute) in the French keyboard layout in Mac OS X? Apple - Is there a 3rd party program that can change the cursor size? Apple - Opening .msg file in Outlook for Mac 2011 Apple - How can I avoid re-encoding of video in iMovie and use it for cutting only? Apple - What are some best practices for a family sharing a single Apple ID? Apple - Weird characters appear when pressing command-A,C,V Apple - How does Mac OS X decide which volumes to mount? One of my disks doesn't mount at boot

Recent Posts