A privacy-first, minimal password manager with client-side AES-256 encryption. Built with Next.js, TypeScript, and MongoDB.
Live Application: https://your-passvault.vercel.app
Replace the URL above with your actual Vercel deployment URL after deploying
Demo Credentials (if you want to provide a demo account):
- Email: demo@passvault.com
- Password: DemoPass123!@#
Watch Demo (60-90 seconds)
Upload your screen recording to YouTube, Loom, or any video platform and add the link here
PassVault uses client-side AES-256 encryption via the crypto-js library. This means:
- Your passwords are encrypted in your browser before being sent to the server
- The server only stores encrypted blobs - we never see your plaintext passwords
- Zero-knowledge architecture - your master password is the encryption key
- No password = No decryption - Even we can't recover your passwords
We use crypto-js for client-side encryption:
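import CryptoJS from 'crypto-js';
// Encryption: a string key selects crypto-js passphrase mode; toString() returns Base64
const encrypted = CryptoJS.AES.encrypt(plaintext, masterPassword).toString();
// Decryption: returns a WordArray, decoded below as UTF-8
const decrypted = CryptoJS.AES.decrypt(encrypted, masterPassword);
const recovered = decrypted.toString(CryptoJS.enc.Utf8);
Why crypto-js?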
- Widely adopted and battle-tested
- Pure JavaScript implementation
- Works in both browser and Node.js
- Simple API for AES-256 encryption
- No external dependencies
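What the two calls above produce, as an added example that is not part of the PassVault code base: with a string key, crypto-js uses its OpenSSL-compatible passphrase mode, which derives the AES-256-CBC key and IV with a single-iteration MD5 chain (EVP_BytesToKey) and attaches no integrity tag. The code rebuilds that format with Node's built-in crypto module; the function names and sample values are constructed for illustration.

```javascript
// Added example (not PassVault code): the blob format behind
// CryptoJS.AES.encrypt(text, passphrase), rebuilt with Node's crypto module.
const nodeCrypto = require("node:crypto");

// OpenSSL EVP_BytesToKey with MD5 and one iteration:
// D_1 = MD5(pass | salt), D_i = MD5(D_{i-1} | pass | salt); key | iv = D_1 | D_2 | D_3.
function evpBytesToKey(passphrase, salt, keyLen = 32, ivLen = 16) {
  const pass = Buffer.from(passphrase, "utf8");
  let derived = Buffer.alloc(0);
  let block = Buffer.alloc(0);
  while (derived.length < keyLen + ivLen) {
    block = nodeCrypto.createHash("md5").update(Buffer.concat([block, pass, salt])).digest();
    derived = Buffer.concat([derived, block]);
  }
  return { key: derived.subarray(0, keyLen), iv: derived.subarray(keyLen, keyLen + ivLen) };
}

// Same layout: base64("Salted__" | salt(8) | AES-256-CBC ciphertext).
function encryptPassphraseMode(plaintext, passphrase, salt = nodeCrypto.randomBytes(8)) {
  const { key, iv } = evpBytesToKey(passphrase, salt);
  const cipher = nodeCrypto.createCipheriv("aes-256-cbc", key, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([Buffer.from("Salted__"), salt, body]).toString("base64");
}

// Parse a stored blob and report what protects it.
function inspectBlob(blobB64) {
  const raw = Buffer.from(blobB64, "base64");
  if (raw.subarray(0, 8).toString("latin1") !== "Salted__") {
    throw new Error("not passphrase-mode output");
  }
  return { salt: raw.subarray(8, 16), ciphertext: raw.subarray(16),
           kdf: "EVP_BytesToKey(MD5, 1 iteration)", cipher: "AES-256-CBC", mac: null };
}

function decryptPassphraseMode(blobB64, passphrase) {
  const { salt, ciphertext } = inspectBlob(blobB64);
  const { key, iv } = evpBytesToKey(passphrase, salt);
  const decipher = nodeCrypto.createDecipheriv("aes-256-cbc", key, iv);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8");
}

// Constructed sample values, not real credentials.
const sampleBlob = encryptPassphraseMode("hunter2-example", "constructed master password");
console.log(inspectBlob(sampleBlob), decryptPassphraseMode(sampleBlob, "constructed master password"));
```

Because the key is one cheap hash chain away from the passphrase, the strength of every stored blob rests entirely on the entropy of the master password.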
- Password Generator - Customizable length (8-32), character types, exclude similar chars
- Encrypted Vault - Store passwords, usernames, URLs, and notes
- CRUD Operations - Create, read, update, delete vault items
- Auto-Clear Clipboard - Copied passwords clear after 15 seconds
- Search & Filter - Quickly find vault items
- JWT Authentication - Secure email/password auth
- Client-side AES-256 encryption
- Zero-knowledge architecture
- Password strength validator
- Secure password generator
- No plaintext storage
- Node.js 18+ and npm
- MongoDB Atlas account (free tier works)
- Clone the repository
git clone <your-repo-url>
cd next-app
- Install dependencies
npm install
- Set up environment variables
cp .env.example .env.local
Edit .env.local with your configuration:
MONGODB_URI=mongodb+srv://username:password@cluster.mongodb.net/passvault?retryWrites=true&w=majority
JWT_SECRET=your-super-secret-random-string-here
NEXT_PUBLIC_APP_URL=http://localhost:3000
- Run the development server
npm run dev
- Open your browser
Navigate to http://localhost:3000
next-app/
├── src/
│   ├── app/
│   │   ├── api/
│   │   │   ├── auth/              # Authentication endpoints
│   │   │   │   ├── login/
│   │   │   │   └── signup/
│   │   │   └── vault/             # Vault CRUD endpoints
│   │   ├── auth/                  # Auth pages
│   │   │   ├── login/
│   │   │   └── signup/
│   │   ├── dashboard/             # Main vault dashboard
│   │   ├── layout.tsx
│   │   └── page.tsx               # Landing page
│   ├── components/
│   │   ├── PasswordGenerator.tsx
│   │   ├── VaultItemCard.tsx
│   │   └── VaultItemForm.tsx
│   ├── lib/
│   │   ├── dbConnect.ts           # MongoDB connection
│   │   └── jwt.ts                 # JWT utilities
│   ├── Model/
│   │   ├── User.model.ts
│   │   └── Vault.model.ts
│   ├── utils/
│   │   ├── encryption.ts          # AES encryption utilities
│   │   └── passwordGenerator.ts
│   ├── types/
│   │   └── index.ts
│   └── Schemas/                   # Zod validation schemas
├── public/
├── .env.local
├── package.json
└── README.md
- Next.js 15 - React framework with App Router
- TypeScript - Type-safe development
- Tailwind CSS - Utility-first styling
- React Hooks - State management
- Next.js API Routes - Serverless API endpoints
- MongoDB Atlas - Cloud database
- Mongoose - MongoDB ODM
- crypto-js - Client-side AES-256 encryption
- bcryptjs - Password hashing (server-side)
- jsonwebtoken - JWT authentication
- Zod - Schema validation
- POST /api/auth/signup - Register new user
- POST /api/auth/login - Login and get JWT token
- GET /api/vault - Get all vault items (requires auth)
- POST /api/vault - Create vault item (requires auth)
- PUT /api/vault/[id] - Update vault item (requires auth)
- DELETE /api/vault/[id] - Delete vault item (requires auth)
- Sign Up - Create account with email, username, and master password
- Login - Authenticate with email and master password
- Generate Password - Use the generator to create strong passwords
- Add Item - Store credentials with encryption
- Manage Vault - Search, edit, delete, and copy passwords
- Logout - Secure logout clears local storage
- Create a free account at MongoDB Atlas
- Create a new cluster (free M0 tier available)
- Create a database user with read/write permissions
- Network Access: Add your IP or 0.0.0.0/0 (allow from anywhere, which leaves the database user's credentials as the only access control)
- Get your connection string:
mongodb+srv://username:password@cluster0.xxxxx.mongodb.net/passvault?retryWrites=true&w=majority
- Push to GitHub:
git init
git add .
git commit -m "Initial commit - PassVault"
git remote add origin https://github.com/yourusername/passvault.git
git push -u origin main
- Import to Vercel:
  - Go to Vercel Dashboard
  - Click "Add New" → "Project"
  - Import your GitHub repository
  - Configure project settings:
    - Framework Preset: Next.js
    - Root Directory: ./
    - Build Command: npm run build
    - Output Directory: .next
- Add Environment Variables:
MONGODB_URI=mongodb+srv://username:password@cluster.mongodb.net/passvault?retryWrites=true&w=majority
JWT_SECRET=your-super-secret-random-string-min-32-chars
NEXT_PUBLIC_APP_URL=https://your-app.vercel.app
Generate JWT_SECRET:
# On Linux/Mac/Git Bash
openssl rand -base64 32
- Deploy:
  - Click "Deploy"
  - Wait 2-3 minutes
  - Your app will be live at https://your-app.vercel.app
- Update NEXT_PUBLIC_APP_URL with your actual Vercel URL
- Test the application:
  - Sign up with a test account
  - Add a vault item
  - Verify encryption in MongoDB
- Update README with your live URL
npm run build
# Upload .next folder to Netlify
- Connect GitHub repository
- Add environment variables
- Deploy automatically
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
CMD ["npm", "start"]
For detailed deployment instructions, see DEPLOYMENT.md
- Use a strong, unique master password
- Never share your master password
- Enable 2FA on your email account
- Regularly update your passwords
- Use the password generator for new accounts
- Log out when using shared devices
How PassVault Protects Your Data:
- Client-Side Encryption: When you save a password, it's encrypted in your browser using your master password as the key
- Server Storage: Only the encrypted blob is stored in MongoDB - never plaintext
- Decryption: When you view your vault, items are decrypted locally using your master password
- Zero-Knowledge: The server has no way to decrypt your data without your master password
Important: If you forget your master password, your data cannot be recovered. This is by design for maximum security.
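One way to keep this design while using a slow key-derivation function and authenticated encryption, shown as an added example rather than PassVault's own code: the master password is stretched with PBKDF2 and split into an encryption key that stays in the browser and a separate login token, so the value sent to the server cannot decrypt the vault. It uses Node's built-in crypto module; the iteration count, labels, blob layout and function names are assumptions.

```javascript
// Added example, not PassVault code. Iteration count, labels and blob layout are assumptions.
const nodeCrypto = require("node:crypto");

const PBKDF2_ITERATIONS = 600000; // assumed work factor; tune for target devices

// Stretch the master password once, then split the result into two independent
// values so the token sent at login can never decrypt the vault.
function deriveKeys(masterPassword, accountSalt, iterations = PBKDF2_ITERATIONS) {
  const master = nodeCrypto.pbkdf2Sync(masterPassword, accountSalt, iterations, 32, "sha256");
  const sub = (label) => nodeCrypto.createHmac("sha256", master).update(label).digest();
  return { encKey: sub("vault-encryption"), authToken: sub("server-login").toString("base64") };
}

// AES-256-GCM; blob = base64(version(1) | iv(12) | tag(16) | ciphertext).
function encryptItem(plaintext, encKey) {
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every item
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", encKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([Buffer.from([1]), iv, cipher.getAuthTag(), body]).toString("base64");
}

function decryptItem(blobB64, encKey) {
  const raw = Buffer.from(blobB64, "base64");
  if (raw.length < 29 || raw[0] !== 1) throw new Error("unsupported vault blob");
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", encKey, raw.subarray(1, 13));
  decipher.setAuthTag(raw.subarray(13, 29));
  // final() throws if the key is wrong or the blob was modified in storage
  return Buffer.concat([decipher.update(raw.subarray(29)), decipher.final()]).toString("utf8");
}

// Constructed sample values, not real credentials.
const demoKeys = deriveKeys("constructed master password", Buffer.from("per-account-salt"));
const demoBlob = encryptItem("hunter2-example", demoKeys.encKey);
console.log(demoBlob, "->", decryptItem(demoBlob, demoKeys.encKey));
```

The server would hash authToken with bcryptjs as it would a password, and only encKey, which never leaves the client, can open a vault item.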
- Live Demo: https://your-passvault.vercel.app (Update after deployment)
- Video Demo: Watch on YouTube (Add your 60-90 sec demo)
- GitHub Repository: https://github.com/viraj-gavade/Secure-Valut
- Documentation:
  - DEPLOYMENT.md - Detailed deployment guide
  - CRYPTO_NOTE.md - Encryption architecture
  - TESTING.md - Testing guide
  - QUICKSTART.md - Quick start checklist
- Core Features: Complete
- Security: Client-side AES-256 encryption implemented
- Authentication: JWT-based auth working
- Documentation: Complete with guides
- Deployment: Ready to deploy to Vercel
- Demo Video: To be recorded
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- GitHub: @viraj-gavade
- Repository: Secure-Valut
- Issues: Report a bug
- Built with Next.js
- Styled with Tailwind CSS
- Encrypted with crypto-js
- Deployed on Vercel
PassVault - Your secrets, encrypted and safe.