Working on The Password App (https://thepassword.app) - an AI-powered macOS desktop app that automatically rotates your passwords across websites.

The problem: most people have 100+ accounts with weak/reused passwords. Changing them manually is tedious, so nobody does it.

The solution: import a CSV from your existing password manager (1Password, LastPass, Bitwarden), select which accounts to update, and the app uses browser automation with Gemini 2.5 Flash to navigate to each site's password change page and update them in parallel. Exports a CSV with the new passwords to import back.

Key technical choices: - browser-use library for AI-driven browser automation (handles dynamic sites better than Selenium) - Local-only architecture: passwords never leave your machine, no cloud sync, everything stays in memory and is cleared after use - Electron + Python: React frontend with a Python agent for browser automation via stdio IPC - OpenRouter for LLM access (Gemini for navigation, Grok for validation)

Security was the most important and the hardest constraint. Passwords can't be logged, can't be sent to the LLM context, and can't persist on disk. Custom fork of browser-use to inject credentials via secure parameters invisible to the AI agent.

Currently at v0.38 with code signing and notarization for macOS. Working on improving success rates - the main challenges are 2FA requirements and anti-bot detection (Cloudflare, reCAPTCHA).

Would love feedback from anyone in the security/password management space.