Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
By Sarah Gooding - Nov 19, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
What is keytar?
The keytar npm package is a native module for Node.js that allows you to securely store and retrieve credentials using the operating system's native credential storage mechanisms. It supports macOS, Windows, and Linux, providing a cross-platform solution for managing sensitive information.
What are keytar's main functionalities?
Store a password
This feature allows you to store a password securely in the operating system's credential storage. The `setPassword` method takes three arguments: the service name, the account name, and the password.
const keytar = require('keytar');
async function storePassword() {
await keytar.setPassword('service', 'account', 'password');
console.log('Password stored successfully');
}
storePassword();Retrieve a password
This feature allows you to retrieve a stored password from the operating system's credential storage. The `getPassword` method takes two arguments: the service name and the account name.
const keytar = require('keytar');
async function getPassword() {
const password = await keytar.getPassword('service', 'account');
console.log('Retrieved password:', password);
}
getPassword();Delete a password
This feature allows you to delete a stored password from the operating system's credential storage. The `deletePassword` method takes two arguments: the service name and the account name.
const keytar = require('keytar');
async function deletePassword() {
const result = await keytar.deletePassword('service', 'account');
console.log('Password deleted:', result);
}
deletePassword();Find credentials
This feature allows you to find all credentials associated with a specific service. The `findCredentials` method takes one argument: the service name.
const keytar = require('keytar');
async function findCredentials() {
const credentials = await keytar.findCredentials('service');
console.log('Found credentials:', credentials);
}
findCredentials();Other packages similar to keytar
osx-keychain
The osx-keychain package is another macOS-specific package that allows you to interact with the macOS Keychain. It provides methods to add, find, and delete keychain items. It is similar to keytar but limited to macOS.
wincred
The wincred package is a Windows-specific package that allows you to store and retrieve credentials using the Windows Credential Manager. It provides similar functionality to keytar but is limited to the Windows platform.
keytar - Node module to manage system keychain
A native Node module to get, add, replace, and delete passwords in system's keychain. On OS X the passwords are managed by the Keychain, on Linux they are managed by Gnome Keyring and on Windows they are managed by Credential Vault.
Installing
npm install keytar
On Linux
Currently this library uses the gnome-keyring so you may need to run sudo apt-get install libgnome-keyring-dev before npm installing.
Building
- Clone the repository
- Run
npm install - Run
gruntto compile the native and CoffeeScript code - Run
grunt testto run the specs
Docs
keytar = require 'keytar'
getPassword(service, account)
Get the stored password for the service and account.
service - The string service name.
account - The string account name.
Returns the string password or null on failures.
addPassword(service, account, password)
Add the password for the service and account to the keychain.
service - The string service name.
account - The string account name.
password - The string password.
Returns true on success, false on failure.
deletePassword(service, account)
Delete the stored password for the service and account.
service - The string service name.
account - The string account name.
Returns the string password or null on failures.
replacePassword(service, account, password)
Replace the password for the service and account in the keychain.
This is a simple convenience function that internally calls
deletePassword(service, account) followed by
addPassword(service, account, password).
service - The string service name.
account - The string account name.
password - The string password.
Returns true on success, false on failure.
findPassword(service)
Find a password for the service in the keychain.
service - The string service name.
Returns the string password or null on failures.
FAQs
Bindings to native Mac/Linux/Windows password APIs
The npm package keytar receives a total of 354,380 weekly downloads. As such, keytar popularity was classified as popular.
We found that keytar demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 12 open source maintainers collaborating on the project.
Package last updated on 01 Jul 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Malicious npm Package Exploits WhatsApp Authentication with Remote Kill Switch for File Destruction
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
By Kush Pandya - Nov 15, 2024
Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
By Sarah Gooding - Nov 15, 2024