Julian Perassi

Password Manager with 2FA

Dashboard of the password manager in the light theme
Dashboard of the password manager showing credentials
Prompt to complete 2FA verification with TOTP
Landing page with access to the dashboard or the GitHub repo

A modern, full-stack password manager built with Next.js 15+, Prisma, and Upstash Redis, designed with security-first principles. It features two-factor authentication (2FA) using TOTP with QR onboarding, rate limiting by IP and by email/IP pair to prevent brute-force attacks, and robust input validation with Zod. Sessions are managed using JWTs with CSRF protection, and credentials are securely hashed with Argon2. Users cannot view saved passwords directly; they can only copy them after re-authenticating with 2FA, ensuring a zero-knowledge-like approach. The system also includes a secure password reset flow with time-limited tokens.
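The two rate-limit keys named above (IP, and email/IP pair) can be combined as follows. This is an added example, not the project's own code: an in-memory `Map` stands in for Upstash Redis, and the limits, the window, and the names `createFixedWindowLimiter`, `createLoginGuard` and `checkLogin` are assumptions.

```javascript
// Added example. Fixed-window counter; a Map stands in for Redis (assumption).
function createFixedWindowLimiter(limit, windowMs) {
  const buckets = new Map(); // key -> { count, resetAt }
  return function hit(key, now) {
    let bucket = buckets.get(key);
    if (!bucket || now >= bucket.resetAt) {
      // First hit, or the previous window expired: start a new window.
      bucket = { count: 0, resetAt: now + windowMs };
      buckets.set(key, bucket);
    }
    bucket.count += 1;
    const allowed = bucket.count <= limit;
    return { allowed, retryAfterMs: allowed ? 0 : bucket.resetAt - now };
  };
}

// Hypothetical limits; the page does not state the real ones.
const WINDOW_MS = 60000;
const IP_LIMIT = 20;   // caps one source trying many accounts
const PAIR_LIMIT = 5;  // caps guessing against one account from one source

function createLoginGuard() {
  const perIp = createFixedWindowLimiter(IP_LIMIT, WINDOW_MS);
  const perPair = createFixedWindowLimiter(PAIR_LIMIT, WINDOW_MS);
  return function checkLogin(ip, email, now = Date.now()) {
    // Normalize so "Alice@Example.com " and "alice@example.com" share a counter.
    const normalized = email.trim().toLowerCase();
    // Count the attempt against both keys, even if one is already over limit.
    const ipResult = perIp(`ip:${ip}`, now);
    const pairResult = perPair(`pair:${normalized}|${ip}`, now);
    if (!ipResult.allowed) {
      return { allowed: false, reason: "ip", retryAfterMs: ipResult.retryAfterMs };
    }
    if (!pairResult.allowed) {
      return { allowed: false, reason: "email+ip", retryAfterMs: pairResult.retryAfterMs };
    }
    return { allowed: true, reason: null, retryAfterMs: 0 };
  };
}
```

Because the pair key includes the IP, a flood of bad guesses from one address does not lock the account owner out when they sign in from a different address.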

Next.js
Security
Prisma
Redis
TailwindCSS
2FA