Can't do email without a "key ring" password?

Since receiving the L5 device I’ve not been able to use Geary due to the security notice:

“Authentication Required”
"An application wants access to the keyring “Default keyring”, but it is locked.

It is not the login password
It is not the mobile password.
It is not the email account password.

Too, searching for a answer outside of Puri has several links to answers here that have been moved, deleted or the Matrix has them.

In my experience, the required default keyring gets created the first time you run Geary because the keyring does not exist. At that time, it will get you to enter a new password that will on all future occasions be asked for and used to unlock the keyring.

The keyring will be used to store the email account passwords in a secure manner.

The keyring password is not, as you say,

  • the LUKS encrypted disk unlock password
  • the purism account login password (screen unlock when screensave occurs)
  • the SIM card unlock PIN (if your SIM card has a PIN)
  • an email account password.

Yay! Too many passwords.

The keyring password required is also not the keyring password of any other keyring. That is, you can have as many keyrings as you like and they can all have different passwords. It is specifically wanting to unlock the keyring called “Default keyring”.

I would tentatively suggest starting with
ls -l .local/share/keyrings
to see what keyrings exist.

Assuming that the required keyring exists and assuming that it contains no useful information (e.g. you know the email account password(s)) then I would move the .keyring file away and reboot the phone and try again running Geary.


There is an earlier thread where it tells you to move your default keyring file to another location. (They could have just said delete it but there must be a reason.)

Then geary will ask you to create a new one again.

The thing about geary it doesn’t care (as much) about the size or complexity of the keyring password, so I gave it a small one. So I gave up trying to avoid it and did that. Since I’ve already got the disc crypto phrase and the unlock pin, I’m already into my phone. So other passwords are of secondary importance in my view.

1 Like

Now if someone can tell me how to get geary to work with gmail accounts? I has a button to set it up but it fails.

1 Like

Gmail and microsoft are a PITA. For gmail you might have to set up an Application password and that should do the trick. I’ve set up my own email server and getting gmail to accept email from it is a herculean task, they are super paranoid about spam bots so that’s part of the reason for why it’s not working. Microsoft is even worse. Try the app password route, if that doesn’t work, just perma forward your gmail to a non surveillance email provider that you can register with Geary.

I would like to think that I always have a reason. :wink:

The reason for saying “move” rather than “delete” is that
a) I have no way of knowing whether another person has important passwords or keys in his or her keyring
b) the person may be mistaken about whether there are important passwords or keys in the keyring
c) if it achieves nothing, “move” is easily reversed - no harm, no foul - whereas “delete” is less easily reversed, if at all

That may be fine where you have a keyring that is nearly always unlocked anyway e.g. you nearly always start Geary when you boot the phone. However you can have as many keyrings as you like and if you bother to compartmentalise your passwords and keys in this way then you may want decent passwords on other keyrings that are not routinely unlocked.

However to some extent it does also depend on the strength of your screen unlock PIN.

Your best approach is not to have a gmail account - since having a gmail account is surrendering all your email with that account to Google surveillance and, worse still, forcing all your interlocutors to do likewise (for those emails that they send to you).

However I understand that you may have a substantial “investment” in any given email address and that it would be a substantial hassle to ditch the gmail account.

I don’t have a gmail email address - so I can’t shed light on making it work with Geary (or Thunderbird or any other mail client software). Maybe that should be a separate topic though.


“Substantial investment” is the keyword here. Yes, (and thanks) I have a pre-existing gmail account and business gmail account, and bottom line, librem one is UNRELIABLE. Meaning it won’t always work when I need it. Case in point, this week my new employer (recall my FORTRAN/77 thread) could not email to me on because their own corporate policy blocked it. (They dIdn’t allow the “.one” domain.) Plus, I’m not one of the usual tin-foil hat guys that reside here.

Thanks for your understanding.

1 Like

Yeah, I don’t think anything about Google is tin-foil hat.

(This issue regarding .one has been around for a while. It is of course possible to get an email address from a non-surveillance company that is in .com or similar.)

Sorry for butting in, butt the 2021 suggestion to Move the current key but when entered, it results in “No such file or directory.” The command is:


Five good relevant hits in Googieland all end up in

This site can’t be reached
The webpage at

That’s THIS topic post for {insert deity or cuss word here} sake!

Did the location for keyrings change in a update since last two years?

The other command by @irvinewade to start with

resulted in
It’s faster if I type it in so bear with the typos please:
After the command is entered:

total 8
-rw-r–r-- 1 pursim purism 15 Feb 11 12:33 default.
-rw------- 1 pursim purism 535 Mar 21 13:03 Default keyring.keyring
-rw------- 1 pursim purism 0 Jan 28 20:07 user.keystore

Is there a better email program than Geary that doens’t need key-stuff? It’s not like a lot of people are interested in using the L5. I don’t need that kind of security.

Didn’t bother with the command line. I was able to get to it easily with the “Files” app.

But then again I also had to open the hamburger icon and enable “Show Hidden Files”.

Then I drilled down into the .local directory until I found it. Then I just clicked on the keyring file and held it down until the drop down menu asked me what to do with it.

1 Like

Well, that was fun…

1 Like

OK, for completeness

cat .local/share/keyrings/default

If that points at Default keyring then Default keyring.keyring is the file you want to move to another directory (temporarily) and then reboot the phone and then run Geary.

Running Geary should then result in the Default keyring getting re-created, with a new password that it gets you to dream up. (Confirm by repeating the above ls -l command.)

1 Like

Thanks Irvine. Until the device works properly, I won’t risk exposure through Geary. By service, I don’t expect Puri, Libre whoever it is have much of a support system so I’ll wait 7 working days (Monday to Friday) to see if picks up and attacks the issues or not.

BTW. I found the problem with pshycoscreen. When I want to tap or swipe, and pick device up, and while holding in left-hand, place middle finger on back of device and gently press the camera/sepia area and tap with right holding the finger down about 1/16th" and swipe tap, it doesn’t take dozens of taps to get it to respond. Works most of the time, but whatever decides to run in bckgrnd pausing input for at least 8 - 10 seconds needs to have it’s 1’s turned into zeros.

I’m not asking for input on all that and more. It’s a couple of months old and ideas to fix worn out. It’s just a FYI.

Tnx for your help

I find I have to make sure my L5 is off before I pick it up. Otherwise I may inadvertently open something with a random finger.

I’m one up on you. I can load programs from the backside! I can leave it sit flat and sometime it will randomly load something. Too, when I have to tap 20 - 30 times and a prog opens, it’s the one behind the tapping, not the one I wanted.
It acts like a teen celebrity. All bling, can’t sing.

… and lots of tapping of the backside. :wink: