Gathering detailed insights and metrics for @twotalltotems/react-native-otp-input
Gathering detailed insights and metrics for @twotalltotems/react-native-otp-input
Tiny Javascript library which provides an elegant UI for user to input one time passcode.
Installations
npm install @twotalltotems/react-native-otp-inputDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
12.18.1
NPM Version
6.14.5
Releases
18
Languages
5
TypeScript
JavaScript
Objective-C
Starlark
Java
TypeScript (39.98%)
JavaScript (30.96%)
Objective-C (15.36%)
Starlark (8.16%)
Java (5.55%)
Developer
Twotalltotems
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
551 Stars
172 Commits
248 Forks
7 Watchers
37 Branches
22 Contributors
Updated on Jul 04, 2025
Maintainers
3
Package Meta Information
Latest Version
1.3.11
Package Id
@twotalltotems/react-native-otp-input@1.3.11
Unpacked Size
34.21 kB
Size
9.89 kB
File Count
16
NPM Version
6.14.5
Node Version
12.18.1
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
React Native OTP Input
@twotalltotems/react-native-otp-input is a tiny Javascript library which provides an elegant UI for the end user to input one time passcode (OTP). It handles the input suggestion on iOS when the OTP SMS is received. For Android, it will autofill when the user presses the copy button on the SMS notification bar. It also features a carefully crafted flow to handle edge cases for volatile user gestures. We provide default UI, but you can always customize the appearance as you like.
Installation
npm install --save @twotalltotems/react-native-otp-input
or
yarn add @twotalltotems/react-native-otp-input
Dependencies
NOTES:
From version 1.3.10: We use @react-native-community/clipboard to handle the clipboard in this package, So you should install @react-native-community/clipboard
npm install --save @react-native-community/clipboard
or
yarn add @react-native-community/clipboard
Basic Usage
1import OTPInputView from '@twotalltotems/react-native-otp-input' 2 3... 4 5<OTPInputView pinCount={4} /> 6
More Advanced Usage
1import OTPInputView from '@twotalltotems/react-native-otp-input' 2 3... 4 5<OTPInputView 6 style={{width: '80%', height: 200}} 7 pinCount={4} 8 // code={this.state.code} //You can supply this prop or not. The component will be used as a controlled / uncontrolled component respectively. 9 // onCodeChanged = {code => { this.setState({code})}} 10 autoFocusOnLoad 11 codeInputFieldStyle={styles.underlineStyleBase} 12 codeInputHighlightStyle={styles.underlineStyleHighLighted} 13 onCodeFilled = {(code => { 14 console.log(`Code is ${code}, you are good to go!`) 15 })} 16/> 17 18const styles = StyleSheet.create({ 19 borderStyleBase: { 20 width: 30, 21 height: 45 22 }, 23 24 borderStyleHighLighted: { 25 borderColor: "#03DAC6", 26 }, 27 28 underlineStyleBase: { 29 width: 30, 30 height: 45, 31 borderWidth: 0, 32 borderBottomWidth: 1, 33 }, 34 35 underlineStyleHighLighted: { 36 borderColor: "#03DAC6", 37 }, 38}); 39
Parameters
| Parameter | required | Description |
|---|---|---|
| pinCount | YES | Number of digits in the component |
| code | NO | You can use this library as a controlled / uncontrolled component by supplying this prop or not |
| codeInputFieldStyle | NO | The style of the input field which is NOT focused |
| codeInputHighlightStyle | NO | The style of the input field which is focused |
| autoFocusOnLoad | NO | Auto activate the input and bring up the keyboard when component is loaded |
| onCodeChanged | NO | Callback when the digits are changed |
| onCodeFilled | NO | Callback when the last digit is entered |
| secureTextEntry | NO | Hide contents of text fields |
| editable | NO | Set editable for inputs |
| keyboardAppearance | NO | Keyboard appearance ('default', 'dark', 'light') |
| keyboardType | NO | Keyboard type |
| clearInputs | NO | Clear inputs after entering code |
| placeholderCharacter | NO | The character/string that will be used as placeholder in the individual code input fields |
| placeholderTextColor | NO | Color of the placeholderCharacter |
Notes
The iOS input suggestion requires React Native 0.58+ and works for iOS 12 and above.
On Android, it will be auto filled when you press the copy code button in the notification bar (see above GIF). It will do so only if the code is sent after the view is loaded. So make sure you request the code AFTER this view is loaded.
If you are interested in Android SMS Retriever API, we would suggest @Faizal's repo React-Native-OTP-Verify. It looks pretty cool and it should be straight-forward to use React-Native-OTP-Verify along with this library.
Roadmap
- Typescript definition file
- Typescript implementation
- Add basic unit tests
- Add integration tests
Contributors
Anson Yao |
Felipe Peña |
Eric Dao |
Vinson Li |
Felix Cheng |
Mitchell Ganton |
|---|
External Contributors
Premium Support By TTT Studios
OTP input is presented by the mobile team at TTT Studios. We are a Digital Innovation Studio based out of Vancouver, Canada, delivering custom software and solutions that are designed and developed 100% in-house. The technologies we work with include AR & VR, IoT, AI, security & encryption, and cloud computing.
Empowering Business Through Technology
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
binaries present in source code
Details
- Warn: binary detected: example/android/gradle/wrapper/gradle-wrapper.jar:1
Reason
Found 8/19 approved changesets -- score normalized to 4
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/npmpublish.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/tttstudios/react-native-otp-input/test.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/npmpublish.yml:19
- Warn: npmCommand not pinned by hash: .github/workflows/npmpublish.yml:30
- Warn: npmCommand not pinned by hash: .github/workflows/test.yml:26
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 20 are checked with a SAST tool
Reason
80 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
- Warn: Project is vulnerable to: MAL-2023-462
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-7wpw-2hjm-89gp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-4cpg-3vgw-4877
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-gff7-g5r8-mg8m
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-662x-fhqg-9p8v
- Warn: Project is vulnerable to: GHSA-394c-5j6w-4xmx
- Warn: Project is vulnerable to: GHSA-78cj-fxph-m83p
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-h6q6-9hqw-rwfv
- Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q
- Warn: Project is vulnerable to: GHSA-crh6-fp67-6883
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-f5x2-xv93-4p23
- Warn: Project is vulnerable to: GHSA-gmpm-xp43-f7g6
- Warn: Project is vulnerable to: GHSA-pf27-929j-9pmm
- Warn: Project is vulnerable to: GHSA-327c-qx3v-h673
- Warn: Project is vulnerable to: GHSA-x4cf-6jr3-3qvp
- Warn: Project is vulnerable to: GHSA-mph8-6787-r8hw
- Warn: Project is vulnerable to: GHSA-7mhc-prgv-r3q4
- Warn: Project is vulnerable to: GHSA-v8v8-6859-qxm4
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-7f53-fmmv-mfjv
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.8
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More