Encrypt your entire Firefox profile using TrueCrypt!

This script was updated 2013-06-29! Please get the latest here!

Do you have a habit of carrying your PC laptop or portable hard drive around wherever you go?
Do also prefer to save your passwords in Firefox?

The setup described above is especially bad if your laptop gets stolen. To prepare for such an emergency I would recommend you to continue reading. I also recommend you to try Prey, a way of retrieving your stolpen computer. (It’s open source and uses AutoHotkey scripts)

TrueCrypt

TrueCrypt is an easy to use open source solution for your work related documents and everyday encryption needs. While you may use it to encrypt your entire drive this is a solution which may not work for you or your family if they also use the same computer. There are countless of security setups and software that attempts to solve this problem for you. Some are reliable, some are free and some very costly.

My experience with TrueCrypt is that it has always worked very well, and has been working well for a long time. Some software may go out of date, stop being updated or sold to other sub-par companies. Being open source in this way can be a favor for longevity.

I want  to share a simple script that launches TrueCrypt, give you a direct input for your password, mounts your drive and then launches Firefox. When the drive is mounted Firefox loads the profile data from the encrypted drive and keeps the drive mounted until you quit. Simple and useful!

Preparation

  1. Start up TrueCrypt and follow the guide to create an encrypted file container
  2. Save the encrypted file container as D:\FirefoxProfile.tc
    (this name is an example, you can rename this later)
  3. Manually mount the file you just created to drive Q:\ using TrueCrypt
  4. Create a new folder and name it Firefox Profile
  5. Locate your Mozilla Firefox profile folder
  6. After you have found it copy all of the contents (including subfolders) to your new folder created on the encrypted drive Q:\Firefox Profile
    (Remember to shut down Firefox before copying the data or it won’t work properly!)
  7. Delete or preferably shred your original profile folder.
  8. Manually dismount the volume in TrueCrypt.
  9. Optional: Rename directories and file names to your liking (also do this in the script file).
  10. Run the script!

Visual Basic Script (*.vbs)

This will start wscript.exe and keep it running for the duration that Firefox is open. When Firefox closes, it will automatically dismount the drive.

Download the script FirefoxEncrypted.vbs directly.
Depending on your browser settings you may have to right click and select save link/target as.

Alternatively you can copy the code from below, paste it into Notepad or your favourite text editor and save it as FirefoxEncrypted.vbs.


'Declare shell object
set shell = CreateObject("WScript.Shell")

'Function to put quotation marks around paths to avoid space issues
function qPath(vl)
  qPath = Chr(34) & vl & Chr(34)
end function

'User defined settings, EDIT THIS
'---------------------
'Choose a free drive letter
TCLetter = "Q"
'The path to your TrueCrypt installation
TCPath = "%PROGRAMFILES(x86)%\TrueCrypt\TrueCrypt.exe"
'The path to your TrueCrypt file container
TCVolumeFile = "D:\FirefoxProfile.tc"
'The path to your Firefox installation
FirefoxPath = "%PROGRAMFILES(x86)%\Mozilla Firefox\firefox.exe"
'The path to your Firefox Profile
FirefoxProfilePath = TCLetter & ":\Firefox Profile"

'Arguments to TrueCrypt, DON'T EDIT THIS
'---------------------
TCMountArgs = " /letter " & TCLetter & " /m ts /volume "
TCDismountArgs = " /dismount " & TCLetter & " /force /auto /wipecache /quit "

shell.Run qPath(TCPath) & TCMountArgs & qPath(TCVolumeFile) & " /quit", 1, true
shell.Run qPath(FirefoxPath) & " -profile " & qPath(FirefoxProfilePath), 1, true
shell.Run qPath(TCPath) & TCDismountArgs, 1, true

wscript.quit

Further explanation

Windows variables are assigned values for programs to easily find the important system folders in Windows. Here are some examples:
%ProgramFiles% References your C:\Program Files\ folder. This may be different depending on which language pack you are using.
%ProgramFiles(x86)% References your C:\Program Files (x86)\ folder. This only exists on 64 bit windows to store older 32 bit (x86) software.
%AppData% References your C:\Documents and Settings\<User Name>\AppData\Roaming\ folder.
To list all windows variables open up your command console using Run, type cmd /k set and press enter.

You can use this script with Thunderbird as well! Replace the paths and do the same with your Thunderbird profile. I recommend you to create another file container and assign a different drive letter for this, lest closing down either will attempt to dismount the other.

Known issues

This guide assumes that you are running a 64 bit Windows and have both Firefox and TrueCrypt 32 bit versions installed in the default directory paths. If you are running a 32 bit OS like Windows XP or an early version of Windows 7 you will need to remove (x86) from %ProgramFiles(x86)% in the script.

When updating Firefox you won’t be able to restart immediately since this will exit the script. You will have to manually turn it off, remount and then start again.

Post updated 2013-06-10: Rewrote the script and instructions for easier reading and added a direct download of the script. Also I removed the batch script. Who wants to use an ugly batch window? Hope this helps!

Advertisements

One Comment on “Encrypt your entire Firefox profile using TrueCrypt!”

  1. This is fantastic – I’m sharing this with my circle on G+. You sir, are a genius!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s