Skip to content
Store a password behind biometric authentication
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Store a password behind biometric authentication.

This is a microlibrary for storing a password in the keychain, instructing the keychain to only give it back if the user first authenticates with TouchID or FaceID.

BioPass uses Valet under the hood, but exposes a simpler api that uses PromiseKit, so that you don't have to consider which thread to call from.

note: In order for your user not to receive a prompt that your app does not yet support Face ID, you must set a value for the Privacy - Face ID Usage Description (NSFaceIDUsageDescription) key in your app’s Info.plist.

note: BioPass supports iOS 9.0 and macOS 10.12.1.



dependencies: [
    .package(url: "", from: "2.0.0"),


github "LinusU/BioPass" ~> 2.0.0


If you have Valet and PromiseKit installed, you can simply drop the single source file BioPass.swift into your project.


import BioPass
import PromiseKit

let bioPass = BioPass()

// Store a password for future retreival
firstly {"secret")
}.done {
    print("Password stored!")
}.catch { err in
    print("Failed to store password: \(err)")

// Retreive a stored password (will trigger TouchID / FaceID prompt)
firstly {
    bioPass.retreive(withPrompt: "Give us the secret password!")
}.done { password in
  print("The password was: \(password)")
}.catch { err in
    print("Failed to retreive password: \(err)")

// Delete the stored password
firstly {
}.done {
    print("Password deleted!")
}.catch { err in
    print("Failed to delete password: \(err)")


BioPass(_ serviceName: String = Bundle.main.bundleIdentifier!)

Create a new BioPass object, optionally passing in a service name to store the password under. If no service name is provided, it will default to Bundle.main.bundleIdentifier!.

BioPass(withSharedAccessGroup sharedAccessGroupName: String)

Create a new BioPass object that will store the data in a shared keychain access group. The sharedAccessGroupName should match one of the names under the apps keychain-access-groups entitlement (without the 10 char Bundle Seed ID, that part will be added automatically).

.store(_ password: String) -> Promise<Void>

Store a password for later retreival. Returns a Promise that will settle when the password have been saved.

.retreive(withPrompt prompt: String) -> Promise<String?>

Retreive a previously stored password. Returns a Promise that will settle with the password. If the user cancels the authentication or if no password was stored, the Promise will settle with nil.

.delete() -> Promise<Void>

Delete the stored password. Returns a Promise that will settle when the password have been deleted.


The Xcode project is generated automatically from project.yml using XcodeGen. It's only checked in because Carthage needs it, do not edit it manually.

You can’t perform that action at this time.