PassWave — Password Generator & Vault
Minimalist PWA: generates strong passwords, encrypts everything on the client, syncs if you want. Built the MVP in 2 weeks — kept it as is: fast, safe, no bloat.
Table of Contents
Context
Sometimes you don’t need a “life manager,” you need a quick password generator: click, copy, move on. PassWave is for that. If you want — store a few entries locally and (optionally) sync across devices. If you want silence — it runs fully offline and calls no one.
Live demo: https://password.potapov.me
I initially considered a Telegram Mini App, but PWA won: more universal, installable, and platform‑independent. Telegram integration stays in reserve.
Key Decisions
- End‑to‑end encryption in the browser. The server sees only encrypted blobs — it’s a courier, not a reader.
- Supabase as a lightweight backend: auth, storage, sync out of the box.
- Real PWA: offline, install to home screen, instant cache loads.
- Mini FSD architecture so the project can grow without pain.
Built for People, Not Checklists
- Strong password generation with presets and “no O/0, I/l.”
- Passphrases for those who prefer remembering to pasting.
- Batch generation (tidy up in one sitting).
- QR code to avoid sending secrets to yourself in messengers.
- Local vault + optional sync.
- Dark mode (of course).
This is not a replacement for almighty managers with 100,500 entries. It’s a pocket tool: generate, store what matters, don’t intrude.
Context of the Era
2024–2025: password managers are saturated “combines” with subscriptions and autofill. Many users want a fast, private, platform‑agnostic way to generate/store a few secrets.
Business Insights
- JTBD: “quickly generate/store 3–20 passwords,” offline, no subscription.
- Positioning: privacy‑first, zero‑knowledge, PWA over platform lock‑in.
- Monetization (optional): one‑time unlock (themes/dictionaries), B2B white‑label.
- Channels: SEO “password generator,” privacy communities, short demos.
Results
Lessons and Pitfalls
- Supabase is great for MVPs: auth + API in 15 minutes; the rest is business logic.
- Even a “simple” project benefits from FSD to avoid the junk drawer.
- The less code between a person and a password — the fewer bugs and pain.
PassWave turned out exactly as intended: fast, safe, and unobtrusive. It gets the job done — without asking for attention.
See also
- Post about PassWave
- Self‑host Supabase — how I keep the backend under control
Similar projects
Projects with similar technologies and tasks
Slot‑Me.ru — Meeting Booking Platform
Cal.com for the Russian market: from architecture to production. FastAPI + React, FSD, OAuth, calendars, email, 196 tests.
- FastAPI
- React
- PostgreSQL
- Redis
- TypeScript
- +3
EEF (SCO) — Youth Economic Forum Management System
Government contract to run a large international event: 12 curators, 72 local coordinators, 5000+ participants. Technically flawless, psychologically exhausting. A lesson that gov contracts require both technology and people work.
- Python
- Django
- PostgreSQL
- JavaScript
- jQuery
- +1
PVS‑Studio Quiz — Gamified Marketing
Interactive quiz/games platform to engage developers. Gamifies static analyzer marketing via ‘find the bug in real code’ challenges.
- Next.js
- React
- Redux
- styled-components
- TypeScript
- +1