A Ruby-GNOME password manager that encrypts its data file. Uses clipboard, password need never be seen. Features rand generated passwords.  Uses if available, and features a command line access to your passwords (--no-gui option).

Version 2.1 clears the clipboard 15 seconds after being set with a password.
Note: version 2 is a major revision and won't work with version 1 passwords file.  If you were using version 1, you'll have to manually re-enter all entries (select and paste).  Also, the executable is now gtk2passwordapp2.  You can have version 1 run next to version 2, but you'll need to update to version 1.8 (previous versions did not guard against incompatible upgrades).

RubyGems Page: gtk2passwordapp

    Ruby: 1.9 or 1.8
    Gems: gkt2applib, and crypt-tea
    Library: Ruby-GNOME2 (aka gtk2, also available as a gem)
    OS: Linux, or Maemo/Hildon (tested on N800,N900), or Windows (tested on NT)

  • Which encryption method is used?
Encryption is by crypt-tea, an implementation of the Tiny Encryption Algorithm that's compatible with PHP's xxTEA. It works with both Ruby 1.8 and 1.9.

  • sudo gem install gtk2passwordapp --no-rdoc --no-ri
On a Linux system with Ruby (and Gem) and Ruby-Gnome installed, that's it.  On the N800 and N900, you'll also need Hildon for Ruby.  Unfortunately, outside of the Linux desktop, Ruby appears to still be experimental and it's beyond the scope of this guide to cover all issues except to say that they are related to the OS.  Once resolved, the install is as simple as described above.

RUN (version 2)
  • gtk2passwordapp2


The application starts with a dialog box where one enters a password. If the application is being run for the first time, the user will be asked to repeat the password for verification. From that point on, the application will only accept that password from the user.
Do not forget this initial password.


The application will start in window mode, where one can add, edit, or delete password accounts. To iconify, click the close button, or right-click most any where on the window and click Close on the pop-up menu. Most of the time, the user will want to leave the application iconified where by right clicking on the icon, one can select an accout to have a password/username copied to clipboard. To pop back the edit window, left click on the icon.

On the N900, as of this writing, docking does not work so the feature was disabled.  Docking can be enabled (or disabled) in the configuration file.


On the edit window, enter the new password account name on the Account: combo/entry box. For example, "Google". Then, optionally, on the Url: entry box, enter the associated url. For example, "". Enter a short note to describe the account. For example, "The Google search engine". Enter your username in the Username: entry box. Next enter your password in New:. The password by default will not be visible, but to view the password, uncheck the check button. One also has the option to have the password rand generated by clicking on one's choice of the Random, Alpha-Numeric, Numeric, Letters, or All-Caps button.  One can set the password length of the generated password via the adjacent spin button.  Once all the fields are filled for the account, click on the Update Account button. Repeat the process for each new account. When done, lastly, click on the Save To Disk button to save to disk.

Note that Update Account makes no permanent changes, only that the current record as edited to that point is to be saved when Save is clicked. Clicking on the Close button or otherwise closing the window will loose all un-saved edits.


To edit a password account, select the account in the Account: combo/entry box. The rest of the entries will show their current values. Edit these entries to their new values and when done click Update Account.  The current password can be copied to clipboard by clicking the Clip Current Password button. If a new password is entered in New:, then the current password will be set to this new password when the Update button is clicked, otherwise it'll remain the same. The previous password used for the account can be copied to clipboard by clicking the Clip Previous Password button.  When done editing, lastly, click on the Save To Disk button to save to disk.


To delete a password account, select the account in the Account: combo/entry box and then click on the Delete Account button.  When done editing, lastly, click on the Save To Disk button to save to disk.


One can change the master-password, the short password one enters at the start of the application, by clicking on the Change Data File Password button. The user will be asked to enter and verify the new password.  This change takes effect immediately.
Do not forget your new password.


On Linux, in icon mode, one can right-click on the icon to pop-up a menu with a sorted list of accounts. Clicking on an account on the pop-up menu will copy the password in the primary clipboard, and the username in the regular clipboard. The password will paste on middle mouse click. The username will paste on right clicking for the pop-up clipboard menu options and selecting paste.


On Maemo and Windows, the password is copied to the regular clipboard. I don't see a way to access the primary clipboard, so username is not available this way.


Note that Wine applications on middle mouse button click paste from the regular clipboard the username, the primary clipboard appears not to be available. So you'll need to middle paste the password elsewhere, copy it to clipboard, then paste it on the Wine application... or set username to password and set the note to your username.


  • ~/.gtk2passwordapp-2/appconfig-0.rb
for the option to perform a task whenever the password file is updated.


The libraries where completely reeked and simplified (although lib/gtk2passwordapp.rb still reeks), and I got rid of the passphrase file -- for the way the application is normally used, there is no advantage in having it.  Furthermore in version 1, I used a digest of the password to name the data file and verify the correct password.  Now, the passwords file is simply named passwords.dat (by default), and the password is verified if the decryption succeeds.  These changes greatly simplified the code, the single data file is easier to maintain, and should make password mining harder.