It’s possible to use your fingerprint and Touch ID feature of new Macbooks to confirm your access to sudo command. To achieve that you need to put string auth sufficient pam_tid.so as the first line in the file /etc/pam.d/sudo, here is the quick snippet for this (run this via Bash!):

sudo sed -i -e 's/# sudo: auth account password session/# sudo: auth account password session\'$'\nauth       sufficient     pam_tid.so/' /etc/pam.d/sudo

After that, please, ensure if your configuration looks similar to this:

$ cat /etc/pam.d/sudo
# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Using Touch ID to run sudo can prevent neighbours, or cameras to see or record how did you type in your password.