A Firefox profile stores all personal information such as bookmarks and passwords, and that is the case for profiles used by other browsers as well. The information is lucrative to hackers and while these may need to gain local access, it is probably a good idea to protect the data better.
Everyone who starts Firefox on a local machine gets to access all content in the browser. While you may protect the password database with a master password, data like cookies or bookmarks are not protected.
One way to overcome this is to protect the Firefox profile folder by moving it to a location that is not accessible to anyone except you.
I did this by moving the profile to my encrypted hard drive. You could also encrypt the entire system instead so that no one can access it unless the correct passphrase is provided. The advantage of that is that no-one may access any data on the system including the Firefox data.
The hard drive is encrypted using
True Crypt Vera Crypt and the profile can only be accessed if I provide the security key to decrypt it. Other means are theoretically possible as well, use a portable device that has to be plugged in before you can use the profile.
Moving a profile to another location is not difficulty at all. Close all instances of Firefox and locate your profile folder. This is usually in the Users folder under Application Data, Mozilla, Firefox, Profiles of the user who is logged into windows currently.
Tip: Enter about:support in the address bar and click on the show folder button that opens up when the page has loaded. This brings you directly to the profile folder on the local system.
Move the complete folder to a different location but close Firefox prior to that as you will run into conflicts otherwise. Open up profiles.ini afterwards (located in C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox). Change the path= parameter to the new location of your profile and change the parameter IsRelative=1 to 0.
Now move the entire profile folder, but not the root folder containing the profile.ini file, to the new location you want it to store in.
Restart Firefox to see if the changes have been made. If all your bookmarks for instance load fine the changes have been successful. If that is not the case double-check the path parameter in profiles.ini.
Note: Someone with access can analyze the profile.ini file to find out where the profile is located on the system. That's why it is important to protect it with encryption or by other means.
Check out how to secure your PC with the free True Crypt software to get started.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.