Encrypted file store, optionally secured by biometric lock for Android, iOS, MacOS and partial support for Linux, Windows and Web.

Meant as a way to store small data in a hardware encrypted fashion. E.g. to store passwords, secret keys, etc. but not massive amounts of data.

  • Android: Uses androidx with KeyStore.
  • iOS and MacOS: LocalAuthentication with KeyChain.
  • Linux: Stores values in Keyring using libsecret. (No biometric authentication support).
  • Windows: Uses wincreds.h to store into read/write into credential store.
  • Web: Warning Uses unauthenticated, unencrypted storage in localStorage. If you have a better idea for secure storage on web platform, please open an Issue.

Check out AuthPass Password Manager for a app which makes heavy use of this plugin.

Getting Started



  • Requirements:
    • Android: API Level >= 23 (android/app/build.gradle minSdkVersion 23)

    • Make sure to use the latest kotlin version:

      • android/build.gradle: ext.kotlin_version = '1.4.31'
    • MainActivity must extend FlutterFragmentActivity

    • Theme for the main activity must use Theme.AppCompat thme. (Otherwise there will be crases on Android < 29) For example:




          <style name="LaunchTheme" parent="Theme.AppCompat.NoActionBar">
          <!-- Show a splash screen on the activity. Automatically removed when
               Flutter draws its first frame -->
          <item name="android:windowBackground">@drawable/launch_background</item>
          <item name="android:windowNoTitle">true</item>
          <item name="android:windowActionBar">false</item>
          <item name="android:windowFullscreen">true</item>
          <item name="android:windowContentOverlay">@null</item>


  • include the NSFaceIDUsageDescription key in your app’s Info.plist file
  • Requires at least iOS 9

Known Issue: since iOS 15 the simulator seem to no longer support local authentication:

Mac OS

  • include the NSFaceIDUsageDescription key in your app’s Info.plist file
  • enable keychain sharing and signing. (not sure why this is required. but without it You will probably see an error like:

    SecurityError, Error while writing data: -34018: A required entitlement isn't present.

  • Requires at least Mac OS 10.12


You basically only need 4 methods.

  1. Check whether biometric authentication is supported by the device
  final response = await BiometricStorage().canAuthenticate()
  if (response != CanAuthenticateResponse.success) {
    // panic..
  1. Create the access object
  final store = BiometricStorage().getStorage('mystorage');
  1. Read data
  final data = await;
  1. Write data
  final myNewData = 'Hello World';
  await storageFile.write(myNewData);

See also the API documentation: