How To Password Protect The Email Client Thunderbird
Password protection is not enabled by default in the email client Mozilla Thunderbird. Anyone with access to the computer system may open Thunderbird, read the emails and look at contacts and other information stored in the software.
This lack of protection could be a problem if multiple users are using the computer or if other users have (theoretical) access to the PC which is often the case at work.
The following guide reviews two options on how to protect the Thunderbird email client to prevent unauthorized access to the data.
Password Protection Add-on
Thunderbird, just like Firefox, supports add-ons. Add-ons are small programs that increase or change the functionality of the email client.
Profile Password is a Thunderbird add-on that offers the means to password protect a Thunderbird profile. The extension adds a new entry to the Tools menu of the email client.
Thunderbird displays a password form on startup once a password has been set in the extension's options.
This protection is generally considered to be weak, largely because of options to circumvent the protection. It is for instance possible to access the mails and other information directly in the Thunderbird profile directory.
It might provide enough protection in some situations but technical users will find a way around it eventually. This protection becomes stronger if IMAP accounts are used since the emails are by default not downloaded to the local computer system. Thunderbird 3 on the other hand makes use of email synchronization by default which downloads the messages to the local PC. This feature needs to be disabled in Account Settings --> Synchronization & Storage.
Using Encryption
Profile encryption is the only available option to protect a Thunderbird profile completely from access by third parties. The encryption software True Crypt is a popular choice as it is available for Windows, Linux and Mac.
See Create a secure data safe with True Crypt for pointers on how to create an encrypted partition or container on your computer.
It's more complicated to setup but yields the highest possible protection. The basic concept is to create an encrypted container or partition on the computer before moving the Thunderbird profile folder there.
Existing profiles need to be moved to the new location and Thunderbird configured to use that new location for storage.
The encrypted storage container needs to be mounted before Thunderbird can access the profile. The user basically needs to enter the password to decrypt the storage. This has to be done at least once in every computing session in which Thunderbird is needed. At least once means that it depends on the user's handling of the encrypted storage after Thunderbird has been used. Some users might prefer to unmount the encrypted container to protect Thunderbird efficiently while others might prefer to keep it mounted to be able to access emails in Thunderbird faster.
Great tips. I think the password add-on option is a good one. It should be enough to stop the casual snooper. Encryption is probably more than I need, but it is good to have that as an option as well.
Password protection works if the other users accessing the PC are not that tech-savvy and not that interested in snooping. It does not make lots of sense to install it on a one-user PC though, I think.
Isn’t there a way to start Thunderbird without add-ons (I’m thinking of something like Safe Mode)?
I don’t know why Thunderbird doesn’t put this in. It is so simple to do and TrulyMail has had it for quite a while. Just a simple password to ‘keep honest people honest.’
Larry yes, Safe Mode is an option. It is also possible to access the mails directly in the profile or delete the extension there.
mmm…as for me I prefer to use Protemac LoginTrap (protemac.com)
Portable apps are great. There’s a TrulyMail Portable and a Thunderbird Portable (have used both and love them both) but I don’t know why Microsoft never built an Outlook Portable.
Securing with TrueCrypt is also a great idea (I do it). Portable and secure… what more could you want?
Hi,
I had read this article and came up with the idea
to protected the TB Profil with TrueCrypt. (automatically)
Thunderbird Portable – TC
http://svsload.com/wd/thunderbird-portable-tc-mit-profil-passwortschutz/
Is in German, but you can use any Thunderbird.
Copy to ..AppThunderbird
Create Thunderbird portable in your language (with thunderbird-setup.exe)
You can also use my “Portable-Thunderbird Maker” for this
http://svsload.com/wd/portable-thunderbird-maker/
thank you so much for teaching us about the email client thunder.
I’m sooo surprised that Thunderbird hasn’t implemented yet profile encryption … something that should have been done long ago. It reminds me the non-existent security in very early windows.
There is one thing that has been bothering me about Profile Password. How do I reset the password here in case I forget it? The only option that I am currently having is to start Thunderbird in safe-mode and uninstall the addon. If I try to install it again, I am prompted for the password. Doesn’t the previous password get deleted when I uninstall the addon? If not in which file is it getting saved? I have tried searching for it but have not been succesful. Any help provided would be much appreciated. Thanks.
The best way is using addon in thunderbird.
This addon is working they way we all wanted.
https://addons.mozilla.org/en-US/thunderbird/addon/master-password/?src=search
Hope it’s what you all need..
Hey
I hat it, that I’m able to see my already downloaded emails etc. in Thunderbird even without logging in with my password. All I need is jut X the insert password box.
Is there a way to not only protect from downloading new messages by password but also protect from reading and modifying the account by password?
thanks a lot
Not from within Thunderbird, but you can encrypt your mailboxes, for instance by creating a TrueCrypt container, placing it inside, and making sure they are linked properly from Thunderbird (or the full Thunderbird profile).
Ok Thanks thats a good version.
For my purpose, i found that the add on startup master works as well.
cheers