Password protection is not enabled by default in the email client Mozilla Thunderbird. Anyone with access to the computer system may open Thunderbird, read the emails and look at contacts and other information stored in the software.
This lack of protection could be a problem if multiple users are using the computer or if other users have (theoretical) access to the PC which is often the case at work.
The following guide reviews two options on how to protect the Thunderbird email client to prevent unauthorized access to the data.
Thunderbird, just like Firefox, supports add-ons. Add-ons are small programs that increase or change the functionality of the email client.
Profile Password is a Thunderbird add-on that offers the means to password protect a Thunderbird profile. The extension adds a new entry to the Tools menu of the email client.
Thunderbird displays a password form on startup once a password has been set in the extension's options.
This protection is generally considered to be weak, largely because of options to circumvent the protection. It is for instance possible to access the mails and other information directly in the Thunderbird profile directory.
It might provide enough protection in some situations but technical users will find a way around it eventually. This protection becomes stronger if IMAP accounts are used since the emails are by default not downloaded to the local computer system. Thunderbird 3 on the other hand makes use of email synchronization by default which downloads the messages to the local PC. This feature needs to be disabled in Account Settings --> Synchronization & Storage.
Profile encryption is the only available option to protect a Thunderbird profile completely from access by third parties. The encryption software True Crypt is a popular choice as it is available for Windows, Linux and Mac.
See Create a secure data safe with True Crypt for pointers on how to create an encrypted partition or container on your computer.
It's more complicated to setup but yields the highest possible protection. The basic concept is to create an encrypted container or partition on the computer before moving the Thunderbird profile folder there.
Existing profiles need to be moved to the new location and Thunderbird configured to use that new location for storage.
The encrypted storage container needs to be mounted before Thunderbird can access the profile. The user basically needs to enter the password to decrypt the storage. This has to be done at least once in every computing session in which Thunderbird is needed. At least once means that it depends on the user's handling of the encrypted storage after Thunderbird has been used. Some users might prefer to unmount the encrypted container to protect Thunderbird efficiently while others might prefer to keep it mounted to be able to access emails in Thunderbird faster.
If you like our content, and would like to help, please consider making a contribution: