Yevhen Klymentiev
dark
light
console
darkness
y.klymentiev@gmail.com
Reusable Snippets|Practical utility code for everyday use — custom-built and ready to share

maskString

Masks a string by replacing all but the last 'visibleCount' characters with a mask character. If the string is shorter than or equal to 'visibleCount', the original string is returned.

TypeScript
Copied!
1/**
2 * Masks a string by replacing all but the last 'visibleCount' characters
3 * with a mask character.
4 * If the string is shorter than or equal to 'visibleCount',
5 * the original string is returned.
6 *
7 * @param str - The input string to mask.
8 * @param visibleCount - Number of characters to leave unmasked at the end (default is 4).
9 * @param maskChar - The character to use for masking (default is '*').
10 * @returns The masked string.
11 */
12export function maskString(
13  str: string,
14  visibleCount: number = 4,
15  maskChar: string = '*'
16): string {
17  const maskedLength = Math.max(str.length - visibleCount, 0);
18  return maskChar.repeat(maskedLength) + str.slice(-visibleCount);
19}

  • Flexible Masking Logic

    Allows customization of both the number of visible characters and the masking character, making it adaptable for various privacy needs.

  • Preserves End of Sensitive Data

    Retains the last few characters (e.g., last 4 digits of a card number), which is useful for partial identification or confirmation.

  • Safe Defaults

    Uses sensible defaults (visibleCount = 4, maskChar = '*'), making it easy to use out-of-the-box without configuration.

  • Gracefully Handles Short Strings

    Returns the original string unmodified when its length is less than or equal to visibleCount, preventing over-masking.

Tests | Examples

TypeScript
Copied!
1test('maskString - masks all but last 4 characters by default', () => {
2  expect(maskString('1234567890')).toBe('******7890');
3});
4
5test('maskString - custom visibleCount', () => {
6  expect(maskString('abcdef', 2)).toBe('****ef');
7});
8
9test('maskString - custom mask character', () => {
10  expect(maskString('secret', 3, '#')).toBe('###ret');
11});
12
13test('maskString - visibleCount greater than string length', () => {
14  expect(maskString('abc', 5)).toBe('abc');
15});
16
17test('maskString - empty string', () => {
18  expect(maskString('', 4)).toBe('');
19});
20
21test('maskString - visibleCount = 0 masks everything', () => {
22  expect(maskString('12345', 0)).toBe('*****');
23});

Common Use Cases

  • Masking Sensitive User Data

    Hide parts of email addresses, phone numbers, credit card numbers, or national ID numbers while displaying only the identifying suffix.

  • Data Obfuscation for UI Display

    Mask content in admin dashboards or log views to prevent exposure of full sensitive data.

  • Form Previews and Confirmation Screens

    Display partially masked inputs to reassure users their data was stored or entered correctly (e.g., "****1234").

  • Logging Without Leaking

    Mask sensitive values before writing logs to avoid leaking secrets or personal information.

 PrevioushighlightMultipleNext padString
2025 Copyright © Yevhen Klymentiev
Codebase: Utilities -> Strings -> maskString | Yevhen Klymentiev