How to reset Mac user password while having working TouchID access

Due to some reason I have not figured out yet, after having changed my MBP password (via the boot screen password expiration overlay triggered by jamf), I can't seem to authenticate with either the old or the new password, yet I can still use TouchID to log in.

How can I reset my password given that I am still able to authenticate with TouchID?

I assumed that getting a root shell would allow me to reset the password with passwd, but I can't get past sudo -i without a valid password.

Since I can authorise with TouchID, I tried opening a root terminal with AppleScript:

do shell script "/usr/bin/open -a iTerm . >/dev/null 2>&1 &" with administrator privileges

The script triggers the out-of-the-box GUI authentication dialog, which I can approve with TouchID, and it shows the iTerm2 terminal window in root mode, but the window is not interactive, i.e. it does not accept any keystrokes.

Is there any possible solution other than backing up everything while I still have access to the files and then reinstalling the OS from scratch? (FileVault is enabled.)


Proceed at your own risk

You can try to add TouchID as a method to authenticate sudo.

In Finder go to /etc/pam.d/ and copy sudo to your desktop. Edit this file in a text editor and add auth sufficient pam_tid.so as the top line. It should look like:

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Now copy this sudo file back to /etc/pam.d/. Finder will ask you if you want to replace the existing file. If you select Replace, Finder will ask you to authorise the action via TouchID.

From that point on you can invoke sudo with TouchID.
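As an added example (not from the question or the answer above), a shell script that applies the answer's edit to a constructed copy of /etc/pam.d/sudo: it backs the file up, inserts the pam_tid.so rule once and in the first auth position, and checks the result. The helper names, the demo path and the sample file contents are my own assumptions.

```shell
#!/bin/sh
# Constructed copy of a stock macOS /etc/pam.d/sudo, used here instead of the
# real file so the script can be run anywhere without root.
SAMPLE_SUDO_PAM='# sudo: auth account password session
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so'

# enable_touchid_sudo FILE
# Inserts "auth sufficient pam_tid.so" as the first auth rule of FILE, keeping a
# timestamped backup. Idempotent: a file that already lists pam_tid.so is left
# unchanged. Returns 0 on success or no-op, 1 if FILE is missing.
enable_touchid_sudo() {
    f=$1
    [ -f "$f" ] || return 1
    if grep -q 'pam_tid\.so' "$f"; then
        return 0
    fi
    cp -p "$f" "$f.bak.$(date +%Y%m%d%H%M%S)" || return 1
    tmp=$(mktemp) || return 1
    # Keep the header comment on top, then the new rule, then everything else.
    awk 'NR==1 && /^#/ {print; print "auth       sufficient     pam_tid.so"; next}
         NR==1 {print "auth       sufficient     pam_tid.so"}
         {print}' "$f" >"$tmp" || { rm -f "$tmp"; return 1; }
    # Write over the existing file instead of replacing it, so its ownership
    # and mode (root:wheel, 0444 for the stock file) are preserved.
    cat "$tmp" >"$f"
    rm -f "$tmp"
}

# touchid_rule_first FILE: succeed only if the first non-comment line is the
# pam_tid.so rule, i.e. TouchID is consulted before the password module.
touchid_rule_first() {
    grep -v '^#' "$1" | head -n 1 |
        grep -q '^auth[[:space:]]*sufficient[[:space:]]*pam_tid\.so$'
}

# Demo on the constructed copy; for the real /etc/pam.d/sudo the edited copy
# must be installed with administrator (TouchID) authorisation as in the answer.
DEMO=$(mktemp)
printf '%s\n' "$SAMPLE_SUDO_PAM" >"$DEMO"
enable_touchid_sudo "$DEMO"
touchid_rule_first "$DEMO" && echo "pam_tid.so is now the first auth rule in $DEMO"
```

On macOS Sonoma and later the same line belongs in /etc/pam.d/sudo_local, which the stock sudo file includes and which a system update does not overwrite.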