-
Notifications
You must be signed in to change notification settings - Fork 62
Home
Jump to the News section of this page (last update 2019-05-19)
Password Gorilla – a cross-platform password manager
The Password Gorilla helps you manage your logins. It stores all your user names and passwords, along with login information and other notes, in a securely encrypted file. A single “master password” is used to protect the file. This way, you only need to remember the single master password, instead of the many logins that you use.
If you want to log in to a service or Web site, the Password Gorilla copies your user name and password to the clipboard, so that you can easily paste it into your Web browser or other application. Because the password does not appear on the screen, Password Gorilla is safe to use in the presence of others.
The convenience of Password Gorilla allows you to choose different, non-intuitive passwords for each service. An integrated random password generator can provide one-time passwords, tunable to various services’ policies.
Password Gorilla is a Tcl/Tk application which can run on Linux, Windows and Mac OS X. The source files written are supposed to be compatible between platforms. They are tested to run on Linux kernel <= 2.6.30.5, Windows XP, Windows 7 and Mac OS X 10.6.x/Lion So it is possible to work with this password manager in heterogeneous environments. The Password Gorilla generated database is besides compatible to actual Password Safe 3.2 databases. The password is SHA256 protected and the database contents are encrypted with Bruce Schneier’s Twofish algorithm. Brute force attacks are prevented by key stretching.
A help file (English, Italian, Portuguese) is integrated.
Standalone versions: Executable Starkits for those who do not want to install a full Tcl/Tk environment on their computers are available at:
https://gorilla.dp100.com/downloads/
Note: Github has canceled its download service since 2013.
You will find platform dependent suffixes:
- gorilla{version}.bin (Unix)
- gorilla{version}.exe (Windows)
- gorilla{version}.zip (MacOSX)
MacOSX users can also use the Macupdate service:
Source Code: In the folder of the executables you can find a zipball gorilla{version}-.zip. If you want to get the whole project you can clone the repository or create on the fly a zipball at https://github.com/zdia/gorilla. Don’t worry, there is no 10 Mb of C source code but about 300 KB of Tcl/Tk Script Code.
Older Versions: There are present in form of files named gorilla-{version}.kit in the version folders archive/version/. In the folder tclkits/ you will find a file tclkit-{platform} which will execute the program if you pass the source gorilla.kit to it:
tclkit-<platform> gorilla-<version>.kit
For Debian packages (version 1.6.0~git20180203.228bbbb-1) see here: http://packages.debian.org/sid/password-gorilla
For a FreeBSD port (version 1.5.3.6) look at the FreeBSD’s ports site
For a Ubuntu package (version 1.6.0~git20180203.228bbbb) see here: http://packages.ubuntu.com/oneiric/password-gorilla
To get access to a pwsafe database on your smartphone you can try the following products:
- Jorge Vasquez has just release version 1.2.0 of pwSafe, an open source Password Safe port for iPhone, iPad and iPod Touch. It costs $1,99 with iTunes file sharing, email attachment loading and manual Dropbox copying. For bidirectional automatic Dropbox sync there’s a $1.99 in app purchase option. App Store link: http://itunes.apple.com/us/app/pwsafe-password-safe-for-ios/id440783112?mt=8&ls=1. Official website: https://pwsafe.info/
- Dropsafe is another PasswordSafe-compatible product made for the iOS platform (iPhone, iPad, iPod) and used in conjunction with Dropbox, written by Smith Surasmith and available in iTunes at http://itunes.apple.com/us/app/dropsafe/id440414160?mt=8&ls=1.
- Jeff Harris has written an Android port of PasswordSafe that has received good reviews. The app can be downloaded from https://market.android.com/details?id=com.jefftharris.passwdsafe. The Sourceforge project is https://sourceforge.net/p/passwdsafe/wiki/Home/.
These references are cited from http://pwsafe.org/relatedprojects.shtml. If you have made experiences with any of this programs give us a feedback, please.
Interested in Tcl/Tk? Look at this site
For bugs and issues, please login to github.
If you want to use the source file with the Tcl/Tk you should have installed Tk 8.5.
The standalone versions in the Download directory don’t need any installation. They can be run out of the box.
The current tip of the pre160 branch (commit 35102bbd657706aa414a2b5f2693d13b9885eaf3) has been packaged into an OS independent .kit file and placed on the downloads page . As a .kit file is OS independent, to try out the new beta1 release, an OS dependent TclKit executable is needed. Several different TclKit executables can be found in the Tclkit support files area of the download page. Note that 1.6.0-beta-2 was packaged this way to simplify releasing the commit as a beta testing package. Please give it a try and provide feedback as to any issues that are found. And, as is always a good idea, please do backup your password safe database file before performing any testing. Better safe than sorry with your saved passwords data.
The current tip of the pre160 branch (commit 5b3be9ba867fb4c74a3a40472931f6b4d849586b) has been packaged into an OS independent .kit file and placed on the downloads page .
The new-features branch was merged into the pre160 branch and the result (commit 5801d2a1e79f54c9c6b79241227356137516f077) pushed to Github. The code in this branch, barring the discovery of any issues, is intended to eventually become Password Gorilla version 1.6.0. Aside from a lot of small fixes, the single biggest change in pre160 is the merge in from the new-features branch of the password History feature. This is an optional feature of the V3 PasswordSafe file format that is used to automatically store old versions of passwords within the file when making changes (actually, for Password Gorilla, when saving a new password into an entry).
The developer has been using this combined tip personally on his real PasswordSafe file for a bit over a year, so it is felt that this code has no known glaring issues. As always, keep backups of your important data (and your PWSafe is clearly important data). For anyone willing to run the source from Github, more extensive testing in more environments of the newly pushed pre160 will be appreciated.
New MacOS bundle available at http://gorilla.dp100.com/downloads/ to fix Issue #122.
Direct download link: http://gorilla.dp100.com/downloads/gorilla.mac.15373.zip
GPG signature: http://gorilla.dp100.com/downloads/gorilla.mac.15373.zip.sig
If you are a MacOS user, and you receive an error message that “Gorilla is damaged”, please see the MacOS Gatekeeper Information page for details of how to allow Password Gorilla to run on your Mac.
It seems that to launch the Mac Gorilla bundle under the new MacOS Maverick that one first needs to perform the following steps:
1) Right click on the Password Gorilla.app and click “Get Info”
2) Turn on the checkmark to “Open in 32-bit mode”
Thanks go to @maxgladwell for this tip on how to launch under the new MacOS.
There is a new OSX package available at zdia.de/downloads/gorilla/gorilla15372.zip
Feedbacks of Maverick users are highly appreciated.
1.6 in work
Planned refactoring on the basis of Tcl/Tk 8.6
pre160 tip as of 2018-06-26
- Removed old hard coded requirement for a Tcl 8.5 interpreter – now checks for “at least” 8.5 instead of “exactly” 8.5.
- Implement the optional password history feature of the V3 PasswordSafe file format.
- Find dialog focuses keyboard history to the text entry upon opening.
- Allow Escape key as an additional way to close find dialog window.
- Drop Tcllib UUID generation code, generate type 5 UUID internally now.
- Add some code to attempt to detect usage of a PasswordSafe file via a shared network (i.e., NFS, Dropbox, etc.) and warn user that the file changed since it was loaded to try to prevent data loss from use of a shared file. Note that this is not full shared usage, the PasswordSafe file format is not designed for shared usage and using PasswordGorilla with a shared file is officially unsupported. This change simply tries to dull the sharpest knives that might appear from that usage scenario.
- Fix the conflict merge window to allow vertical scrolling when there is insufficient screen height for all of the fields.
- Add copy to clipboard option to the “view entry” window (double click on the URL, username, password or notes fields to copy that item to the clipboard).
- Change title bar text to indicate presence of unsaved changes to currently open password safe file.
- Fix for non-ASCII character corruption (Github issue #196).
1.5.3.8 (Testing phase)
- Fixing issues (OSX)
- Enable copy-paste actions in the view login dialogs
- Notification when the database file has been updated while the program is open (issue #119)
- New stretchkey C extension enabling ca. 1 million iterations in 1 sec
- New Twofish C extension based on optimized C code (Drew Csillag)
- Addition of password change logging feature.
1.5.3.7 (released Wed Mar 13 2013)
- Based on Tcl/Tk 8.5.13, tclkits by ActiveState™
- Compiled Sha256 and Twofish extension for FreeBSD
- Modified gorilla.ico to suit higher graphic resolutions
- Added help menu entry: Look for Update
- Several issue fixes
- Added Portuguese language, including Portuguese help txt
1.5.3.6 (released Tue Jan 10 2012)
- Help manual manageable with gettext package
- Added Italian help manual
- Added more flexible database backup management (timestamp, private backup folder, save before lock)
- DND now with multiple logins
- Increased quality of random seed (use of /dev/urandom in Linux or repeated use of sha256 for Windows)
- Remove upper limit on Password Safe V3 file format key stretching iterations.
- Interface to report key stretch time and to calculate an estimated number of key stretch iterations based upon a length of time factor.
- Merge conflict resolution – merged in commit f3ff914351f4ccb747b4
- New French translation by Benoit Mercier – presently in commit 346d629105bcae89849b1f44883270f191c129e8
- New Spanish translation by Juan Roldan Ruiz – presently in commit 01b67363c4fd7476c1d4efe468a8b84d265ac363
- Graphical progress bar for opening/saving/merging databases – merged in commit fab86283469f40ea46f54d731ec7d743a4588f10
- Reorganisation of sha256c C extensions for 32bit and 64bit systems with critcl2
1.5.3.5 (released Thu Jun 2 2011)
- Using GNU gettext package for i18n management
- Updated Russian translation by Evgenii Terechkov
- Added Italian language translation by Marco Ciampa
- Replaced right click “Move” menu item with “Move to:” item and cascading groups submenu
- Added combobox selection in EditDialog’s group field for quick moving of entries
- Added uuid marking of new entries as default
- Added empty title handling
- Minor bugfixes
- Added database import with CSV files
- Added tcltest module for CSV-import
- Added url field for CSV export
- Added log utility for package require errors
- Drag and drop
1.5.3.4 (released Sun Dec 12 2010)
- Added menuitem Open URL
- Option to automatically copy username to clipboard upon open of a URL
- changed modal Edit Login dialogs to non-modal dialogs
- Speeded up encryption with Twofish algorithm by using critcl
- Balloon help integrated
- MacOSX versions are now built with tclkit-8.5.9-universal
- spell-checked and updated help text
1.5.3.3 (released Tue Sep 7 2010)
- minor bugfixes
- added new documentation system: Hypertext Help System by Keith Vetter
- password key stretching was optimized with compiled sha256 libraries for win32, linux 32/64bit, i686-apple-darwin10 (16 to 40 times faster opening) using critcl
1.5.3.2
- added ViewLogin menuitem to enable easy synchronization when merging two databases
- workaround for mac command shortcut crash
- added checkbutton in Preferences:Display:Show Gorilla icon
- added menuitem Security:LockNow
- focus for password login
- find continues searches per default
- testing existence of files in OpenDialog combobox
- fixing treeview font resizing issue
1.5.3
- MacOSX version uses Tk Cocoa styled application menu
- the encryption algorithms are 64bit proof
- variable font sizes and
- multilanguage support possible (v. 1.5.3.1 English, Russian and German)
Plans for the future
- Using the OO facilities of Tcl/Tk 8.6
- Creating an actualized gorilla.deb package – preliminary .deb build script in utilities/ directory of branch “pre-release”
- Port to Android
- Enlarge source code documentation for Ruff!
- use critcl v3
- critcl version for optimized Twofish C code
- dismiss vwait dependencies