Home

Description

Password Gorilla – a cross-platform password manager

The Password Gorilla helps you manage your logins. It stores all your user names and passwords, along with login information and other notes, in a securely encrypted file. A single “master password” is used to protect the file. This way, you only need to remember the single master password, instead of the many logins that you use.

If you want to log in to a service or Web site, the Password Gorilla copies your user name and password to the clipboard, so that you can easily paste it into your Web browser or other application. Because the password does not appear on the screen, Password Gorilla is safe to use in the presence of others.

The convenience of Password Gorilla allows you to choose different, non-intuitive passwords for each service. An integrated random password generator can provide one-time passwords, tunable to various services’ policies.

Password Gorilla is a Tcl/Tk application which can run on Linux, Windows and Mac OS X. The source files written are supposed to be compatible between platforms. They are tested to run on Linux kernel <= 2.6.30.5, Windows XP, Windows 7 and Mac OS X 10.6.x/Lion So it is possible to work with this password manager in heterogenous environments. The Password Gorilla generated database is besides compatible to actual Password Safe 3.2 databases. The password is SHA256 protected and the database contents are encrypted with Bruce Schneier’s Twofish algorithm. Brute force attacks are prevented by key stretching.

A help file (English, Italian, Portuguese) is integrated.

Standalone versions

Executable Starkits for Linux, Mac OS X and Windows are available for those who do not want to install a full Tcl/Tk environment on their computer.

• gorilla{version}.bin (Unix)
• gorilla{version}.exe (Windows)
• gorilla{version}.zip (MacOSX)

MacOSX users can use the Macupdate service:

Source Code: Here you can check if the sources of the program are clean. Don’t worry, there is no 10 Mb of C source code but about 300 KB of Tcl/Tk Script Code.

For Debian packages (version 1.5.3.4) see here: http://packages.debian.org/sid/password-gorilla

For a FreeBSD port (version 1.5.3.6) look at the FreeBSD’s ports site

For a Ubuntu package (version 1.5.3.4-1) see here: http://packages.ubuntu.com/oneiric/password-gorilla

To get access to a pwsafe database on your smartphone you can try the following products:

• Jorge Vasquez has just release version 1.2.0 of pwSafe, an open source Password Safe port for iPhone, iPad and iPod Touch. It costs $1,99 with iTunes file sharing, email attachment loading and manual Dropbox copying. For bidirectional automatic Dropbox sync there’s a $1.99 in app purchase option. App Store link: http://itunes.apple.com/us/app/pwsafe-password-safe-for-ios/id440783112?mt=8&ls=1. Official website: http://app77.com/pwSafe/

• Dropsafe is another PasswordSafe-compatible product made for the iOS platform (iPhone, iPad, iPod) and used in conjunction with Dropbox, written by Smith Surasmith and available in iTunes at http://itunes.apple.com/us/app/dropsafe/id440414160?mt=8&ls=1.

• Jeff Harris has written an Android port of PasswordSafe that has received good reviews. The app can be downloaded from https://market.android.com/details?id=com.jefftharris.passwdsafe. The Sourceforge project is https://sourceforge.net/apps/mediawiki/passwdsafe/index.php?title=Main_Page.

These references are cited from http://pwsafe.org/relatedprojects.shtml. If you have made experiences with any of this programs give us a feedback, please.

Interested in Tcl/Tk? Look at this site

You can find a tarball, alternatively a zipball, of the source code with the actual release at http://github.com/zdia/gorilla/downloads

Older versions you can find on the following site: http://zdia.de/packages/gorilla/

For bugs and issues, please login to github. Macintosh users can also leave a message here

Reviews

Dependencies

For the moment your Tcl/Tk environment should have installed Tk 8.5.
The standalone versions in the Download directory don’t need any installation. They can be run out of the box.

Versions

1.5.3.7 (in work)

• integration of FreeBSD port*
• modify gorilla.ico to suit higher graphic resolutions
• Added help menu entry: Look for Update
• Fixes for issues #78-82
• Added Portoguese language

1.5.3.6 (released Tue Jan 10 2012)

• Help manual manageable with gettext package
• Added Italian help manual
• Added more flexible database backup management (timestamp, private backup folder, save before lock)
• DND now with multiple logins
• Increased quality of random seed (use of /dev/urandom in Linux or repeated use of sha256 for Windows)
• Remove upper limit on Password Safe V3 file format key stretching iterations.
• Interface to report key stretch time and to calculate an estimated number of key stretch iterations based upon a length of time factor.
• Merge conflict resolution – merged in commit f3ff914351f4ccb747b4
• New French translation by Benoit Mercier – presently in commit 346d629105bcae89849b1f44883270f191c129e8
• New Spanish translation by Juan Roldan Ruiz – presently in commit 01b67363c4fd7476c1d4efe468a8b84d265ac363
• Graphical progress bar for opening/saving/merging databases – merged in commit fab86283469f40ea46f54d731ec7d743a4588f10
• Reorganisation of sha256c C extensions for 32bit and 64bit systems with critcl2

1.5.3.5 (released Thu Jun 2 2011)

• Using GNU gettext package for i18n management
• Updated Russian translation by Evgenii Terechkov
• Added Italian language translation by Marco Ciampa
• Replaced right click “Move” menu item with “Move to:” item and cascading groups submenu
• Added combobox selection in EditDialog’s group field for quick moving of entries
• Added uuid marking of new entries as default
• Added empty title handling
• Minor bugfixes
• Added database import with CSV files
• Added tcltest module for CSV-import
• Added url field for CSV export
• Added log utility for package require errors
• Drag and drop

1.5.3.4 (released Sun Dec 12 2010)

• Added menuitem Open URL
• Option to automatically copy username to clipboard upon open of a URL
• changed modal Edit Login dialogs to non-modal dialogs
• Speeded up encryption with Twofish algorithm by using critcl
• Balloon help integrated
• MacOSX versions are now built with tclkit-8.5.9-universal
• spell-checked and updated help text

1.5.3.3 (released Tue Sep 7 2010)

• minor bugfixes
• added new documentation system: Hypertext Help System by Keith Vetter
• password key stretching was optimized with compiled sha256 libraries for win32, linux 32/64bit, i686-apple-darwin10 (16 to 40 times faster opening) using critcl

1.5.3.2

• added ViewLogin menuitem to enable easy synchronization when merging two databases
• workaround for mac command shortcut crash
• added checkbutton in Preferences:Display:Show Gorilla icon
• added menuitem Security:LockNow
• focus for password login
• find continues searches per default
• testing existence of files in OpenDialog combobox
• fixing treeview font resizing issue

1.5.3

• MacOSX version uses Tk Cocoa styled application menu
• the encryption algorithms are 64bit proof
• variable font sizes and
• multilanguage support possible (v. 1.5.3.1 English, Russian and German)

Plans for the future

• Using the OO facilities of Tcl/Tk 8.6
• Creating an actualized gorilla.deb package – preliminary .deb build script in utilities/ directory of branch “pre-release”
• Port to Android
• Enlarge source code documentation for Ruff!
• use critcl v3
• critcl version for optimized Twofish C code
• dismiss vwait dependencies