roll the clip

Bypassing 2FA in Web Scraping: Why iMessage is a Local SQL Database and How That Changes Everything The Problem Two-factor authentication kills web scraping. Every automated login flow hits...

Wrote up the full implementation with code, architecture decisions, and how I keep PII out of the LLM context.

dev.to/mparker25/by...

#macOS #sqlite #2FA #webscraping #ai

For the search algorithm: #webscraping #python #macOS #sqlite #automation

Built a web scraper that handles SMS 2FA by querying iMessage's local SQLite database. No Twilio, no webhooks, just SQL. Here's the full breakdown 🧵

The real insight isn’t about iMessage specifically.
Your Mac is full of SQLite databases: Messages, Safari history, Contacts, Notes, Calendar. When you need data from these apps, you don’t need an API. Just query the .db file.

The whole solution is ~100 lines of Python.
Snapshot the DB state before login. Trigger the SMS send. Poll for new messages. Regex out the code. Fill it into the page with Playwright.
Zero external dependencies.

If you’re on a Mac with iMessage syncing, every SMS that hits your phone lands in ~/Library/Messages/chat.db within seconds.

It’s a plain SQLite file. You can query your entire message history right now with sqlite3.

SMS 2FA is the scraper killer. Every automated login flow dies when the site says “we just sent you a code.”
I found a fix that’s almost embarrassingly simple. No Twilio. No webhooks. No cloud infra. Just a SQLite query.
Thread 🧵