Let Password Gorilla store all of your passwords
If you're like me (and I know you are) you have an endless assortment of passwords stored in your head. And, again, if you're like me your age is defying your memory such that your brain isn't always so quick to recall that endless stream of random characters you have for passwords (and you know they are random, because you are a geek after all).
So what do you do when you're brain reaches critical mass for passwords? Simple, you let a single application store and encrypt them for you so all you need is a single password to access all of those crucial passwords. And what Linux distribution is without a tool (or twelve) to enable such a feature? One of those many tools is Password Gorilla.
Password Gorilla manages your logins as well as all of your passwords for web sites, encrypted files, etc. But PG does more than just store those passwords. Password Gorilla makes logging in to various websites easy by copying and pasting your username/password to the clipboard. Those passwords are never revealed on the screen so you're even safe from prying eyes. But how does it work? Let's find out.
Installing Password Gorilla is quite simple as you will most likely find it in your distributions' default repositories. In Ubuntu just fire up the Software Center enter the string "gorilla" (no quotes) in the search field, and install the resulting entry. That's it.
To launch Password Gorilla click on KDE's "K" menu and enter "password" (no quotes) in the search string, select the entry for Password Gorilla, and hit enter.
When you first start the application up you will be asked to select a password database. Well you can't because you've not created one. So just click Cancel and the main window will open. The first step here is to create a new password database. To do this click the File menu and select New which will open up a new window asking for a password and a password confirmation. Make sure you use a strong password here because it will be the database containing your passwords. After you confirm your password click the OK button.
The first thing you will want to do is to add a login. Now don't confuse this login with your user account login. A login for PG is, for example, your login to your Slashdot account.
To add a new login click on the Login menu and select Add Login. This will open up a new window (see Figure 1) where you will enter the details for your login.
You will notice, by default, when you enter a password it is visible. If you are a paranoid person, right before you enter the password, click the Hide Password button so your password will be obscured.
Once you have entered all of the details of the login click OK to save the new login details.
Now if you look in the Login menu you will see the entry Add Group. Adding groups allows you to keep your various logins better organized. You can see, in Figure 2, I have created a group called "Work".
Using Password Gorilla
Now let's take a look at the real benefits of Password Gorilla. Go back to the main window and right click on one of your login entries. You will see a menu (see Figure 3) that allows you to copy username, password, and even URL to the clipboard.
In order to login to a website you have a login for follow these steps:
- Right click the login entry and select "Copy URL to clipboard".
- Go to your browser and click the middle mouse button (or click <Ctrl>v) to copy the URL to the browser address bar.
- Go back to the Password Gorilla and right click the entry again and select "Copy username to clipboard".
- Go to your browser and click the spot where you would enter your username and either click the middle mouse button or click <Ctrl>v to paste the username.
- Go back to Password Gorilla, right click the entry, and select "Copy password to clipboard".
- Go to your web browser and click the the spot where you would enter the password and either click the middle mouse button or click <Ctrl>v to paste the password.
It sounds like a lot of steps, but it beats trying to remember numerous login credentials.
When the amount of credentials you have exceeds your brains ability to remember, a handy tool like Password Gorilla comes in handy. But it's not just about trying to remember, it's also about keeping those password secure.
Why not just use KeePassX?
I second the call for KeePassX. It’s much faster than gorilla, the interface is WAY better and I can run keepassx on my blackberry. We used to use gorilla in my office and as the file grew and grew it took longer to open and was more difficult to stay organized.
Why not use the Gnome Keyring, which is integrated by default in all modern Gnome distributions – including, without any doubt, Ubuntu? Gnome Keyring is much better integrated with the desktop (and with firefox, evolution and most default Gnome applications) and will automagically do all this for you.
One of the features of KeePass is that it is portable application which works on Windows too. Therefore you can have your KeePass password database on a USB key and use it anywhere, not just on your main computer.
@NoName: I’ve actually been wanting to use the Gnome Keyring for password storage for some time now, but there has never been a UI to enter passwords — at least not one that I have been able to discover. I now see, however, that the latest version of Seahorse in Ubuntu 9.10 finally allows you to do this, but it is cumbersome and not as featureful as KeePassX.
KeePass has an “autotype” feature which makes it considerably simpler to login to anything. It’s also much more secure than copying and pasting — what’s the point of encrypting your passwords if you’re just going to copy them in the clear to your clipboard?
Also, I wish what you said about Gnome Keyring being tightly integrated with Firefox were true, but it’s not at all. Firefox has its own password manager, not connected to the keyring (and boy am I sick of typing in my master password!). There is an experimental Firefox extension to use gnome-keyring as the password storage source (https://addons.mozilla.org/en-US/firefox/addon/8737), but it has issues and does not import previously stored passwords from Firefox, which makes it difficult to migrate.
KeePassX gets my vote.
I’ve been using it for years, fully featured, easy to use with a small footprint and it’s cross platform.