Overview
The PassAgent dashboard is the central control plane for credential management, security monitoring, and agent operations. It is built with Next.js App Router and organized into functional modules accessible from the sidebar navigation.Password Vault
Encrypted credential storage with search, categories, and strength indicators
Security Center
Score ring, breach monitoring, password health, device trust
AI Chat
Conversational interface for automated password resets
Generator
Random, memorable, and PIN generation with crack-time estimation
Integrations
OAuth, IMAP, CSV import, Slack/Discord webhooks
Settings
Account, security, and notification preferences
Architecture
Main Dashboard
The primary view (/dashboard) serves as the credential management hub displaying all
stored passwords with real-time search, category filtering, and security indicators.
| Feature | Description |
|---|---|
| Password list | Sortable table with name, username/email, website, and strength badge |
| Quick search | Instant filter across service names, usernames, and URLs |
| Inline actions | Copy password, reveal/hide, open website, trigger AI reset |
| AI chat panel | Slide-out conversational interface for automated resets |
| Service favicons | Auto-resolved icons from the known-services registry |
Security Center
The security center (/dashboard/security) provides a comprehensive security posture view.
Security Score
A circular ring indicator showing the overall score (0-100), calculated asmax(0, 100 - weakPasswords * 10), accounting for password strength, 2FA status, breach
exposure, and device trust.
Tab Panels
| Tab | Content |
|---|---|
| Password Health | Lists all passwords with strength ratings. Filter by weak, reused, old, or compromised. One-click reset action launches the AI chat flow. |
| Breach Monitor | Checks emails against HIBP. Add/remove monitored addresses. Compromised credentials flagged for rotation. |
| Account Protection | 2FA management: enrollment, TOTP QR setup, recovery codes, verification, and disabling. |
| Device Trust | Trusted device list with fingerprint verification. Auto-detects new devices. Supports rename, revoke, restore, and remove. |
AI Chat Interface
The chat view (/dashboard/chat) provides the primary interface for automated password
resets. Users type requests like “Reset my Instagram password” and the orchestrator handles
the multi-phase execution.
- User sends a reset request
- Orchestrator identifies the service via the service registry
- Playbook, universal agent, or vision AI executes the reset
- Progress streams to the chat UI via
<!-- section:progress -->markers - Screenshots and status updates render inline as accordion panels
- On success, the new password is saved to the vault
Password Generator
The generator (/dashboard/generator) creates passwords in three modes:
| Mode | Description | Controls |
|---|---|---|
| Random | Cryptographic random characters | Length slider, toggles for lowercase, uppercase, numbers, symbols |
| Memorable | Word-based passphrases | Word count, separator, capitalize toggle |
| PIN | Numeric-only codes | Length slider (4-12 digits) |
Integrations Hub
The integrations page (/dashboard/integrations) manages external connections:
| Category | Providers | Connection Type |
|---|---|---|
| Gmail, Outlook, Yahoo | OAuth 2.0 | |
| Import | Bitwarden, LastPass, 1Password, Dashlane | CSV file upload |
| IMAP | Custom email servers | IMAP credentials |
| Notifications | Slack, Discord | Webhook URL |
Family & Settings
Family Sharing (/dashboard/family)
- Create family groups with invite codes
- Share passwords with granular permissions (view-only or full access)
- Member management: invite, remove, leave
- Shared password sync across group members
Settings (/dashboard/settings)
Security Settings
Security Settings
| Setting | Type | Default |
|---|---|---|
| Two-Factor Authentication | Toggle | Off |
| Password Rotation Period | Number (days) | 30 |
| Automatic Rotation | Toggle | On |
| New Login Notifications | Toggle | On |
Notification Settings
Notification Settings
| Setting | Type | Default |
|---|---|---|
| Email Notifications | Toggle | On |
| Password Rotation Reminders | Toggle | On |
| Security Alerts | Toggle | On |
| Weekly Security Digest | Toggle | Off |
API Routes
Core APIs
Core APIs
| Route | Method | Description |
|---|---|---|
/api/passwords | GET, POST | List and create password entries |
/api/passwords/[id] | GET, PUT, DELETE | Manage individual passwords |
/api/security/overview | GET | Security score, weak count, agent status |
/api/vault/salt | GET, POST | Zero-trust vault salt management |
/api/encrypt | POST | Client-side encryption helper |
/api/decrypt | POST | Client-side decryption helper |
Auth & Security APIs
Auth & Security APIs
| Route | Method | Description |
|---|---|---|
/api/2fa/enroll | POST | Begin 2FA enrollment |
/api/2fa/verify | POST | Verify 2FA token |
/api/2fa/status | GET | Check 2FA enrollment status |
/api/devices | GET, POST, DELETE | Trusted device management |
/api/hibp | POST | Breach database check |
Agent & Reset APIs
Agent & Reset APIs
| Route | Method | Description |
|---|---|---|
/api/chat-reset | POST | AI-powered password reset |
/api/universal-password-reset | POST | Universal agent reset |
/api/vision-agent | POST | Vision AI reset |
/api/gmail | GET | OTP/link retrieval |
Service Registry
The service registry (lib/agents/service-registry.ts) provides per-service configuration
for 12 major services with a generic fallback:
| Service | Reset URL | Recovery Method |
|---|---|---|
/accounts/password/reset/ | Magic link | |
/login/identify | OTP email | |
/signin/v2/usernamerecovery | OTP SMS | |
| GitHub | /password_reset | Reset link |
| Twitter/X | /i/flow/password_reset | OTP email |
| Microsoft | /password/reset | OTP email |
| Discord | /login (forgot link) | Reset link |
| OpenAI | Dynamic (chat flow) | Reset link |
The registry uses domain aliasing:
gmail.com maps to Google, x.com to Twitter,
outlook.com and live.com to Microsoft, and chatgpt.com to OpenAI.