Delete passwords in Python keyring: use delete_password, handle PasswordDeleteError, verify removal

Learn to delete stored credentials in Python keyring with delete_password, handle PasswordDeleteError, and verify removal to keep your local secret store clean.

When you rely on Python’s keyring to keep a password for an external service, at some point you may need to remove that secret. Setting and reading credentials is straightforward, but the API for deleting them is easy to overlook. Here is a short, practical guide on how to remove stored credentials with keyring safely and predictably.

Problem overview

You store a password with keyring and can fetch it later. Now you want to delete that saved password entirely.

import keyring

# Save a password for later use
keyring.set_password("svc_label", "acct_id", "secret_value")

# Retrieve the saved password
pwd = keyring.get_password("svc_label", "acct_id")

What’s going on under the hood

The keyring library exposes functions to set, get, and remove secrets by a pair of identifiers: a service label and a username. Besides the familiar set_password and get_password, there is a dedicated API for removal. If you try to delete a non-existent entry, keyring signals that situation by raising an instance of keyring.errors.PasswordDeleteError.

Solution: remove credentials with delete_password

Use keyring.delete_password to delete a saved secret associated with a specific service and username.

keyring.delete_password(service_name, username)

Below is a complete flow showing how to set, read, delete, and verify the absence of the password afterward.

import keyring

svc_name = "external_service"
user_handle = "sample_user"

# Store the secret
keyring.set_password(svc_name, user_handle, "secret_value")

# Confirm it exists
print(keyring.get_password(svc_name, user_handle))  # secret_value

# Remove the credential
keyring.delete_password(svc_name, user_handle)

# Verify deletion
print(keyring.get_password(svc_name, user_handle))  # None

If the password does not exist or was already deleted, keyring will raise keyring.errors.PasswordDeleteError.

Why this matters

Credentials tend to linger when they are not cleaned up intentionally. Knowing about keyring.delete_password helps keep your local secret store aligned with reality and avoids accidental reuse of obsolete data. Being aware of keyring.errors.PasswordDeleteError also clarifies how to handle the case where there is nothing to remove.

Takeaways

Use keyring.delete_password to remove secrets tied to a service and username when they are no longer needed. Keep the same identifiers across set, get, and delete so you operate on the intended entry. If you might encounter already-missing credentials, account for the keyring.errors.PasswordDeleteError path. This small habit keeps your credential management predictable and tidy.