A secure, modular, and scalable password manager built using Node.js, Express, and MongoDB. The application enables users to store and manage credentials for various services with industry-standard cryptographic practices and JWT-based authentication.
Nishant Namboodiri
This project offers a deterministic and transparent approach to password management, avoiding reliance on AI/ML and instead using proven techniques like SHA-256 hashing and JSON Web Tokens (JWT). The system includes APIs for:
- 🔐 Secure user registration & login
- 🗂️ Adding and retrieving credentials for services
- 🧹 Deleting saved passwords or deregistering users
- 🔑 Rule-based password suggestions (client-side ready)
| Layer | Tech |
|---|---|
| Backend | Node.js, Express.js |
| Database | MongoDB, Mongoose |
| Auth | JWT (JSON Web Tokens) |
| Security | SHA-256 hashing (bcryptjs) |
| Env Handling | dotenv |
| Testing | Postman |
| Endpoint | Method | Description |
|---|---|---|
/api/auth/register |
POST | Register a new user |
/api/auth/login |
POST | Login existing user |
/api/passwords/add |
POST | Add a new credential |
/api/passwords/login-service |
POST | Simulate service login via stored creds |
/api/passwords/deregister |
DELETE | Deregister account and delete all data |
Store the following in a .env file:
MONGODB_URI=your_mongodb_connection_string
JWT_SECRET=your_super_secret_key