Overview
In order to protect your sensitive login informations, you decide to put a Master Password, so only you can effectively use them and makes you feel better in case you lose your storage media.
Additional Informations
Because you like to have some settings already configured on some websites, cookies are created and stored on the storage media for future references in a file name cookies.sqlite. This file is actually an SQLite database, which contain all the informations regarding your cookies. If you open this file with a plain text editor (ie: notepad), you'll see a bunch of mostly-unreadable data, and some readable text strings, like the URLs of stored cookies.
Application
In case someone retrieve your storage media, even if there is a Master Password, effectively protecting your login informations, the cookies.sqlite is not protected by the encryption scheme.
What the attacker could do, is to create a plain installation of Firefox Portable, copy the cookies.sqlite file of your storage media into the plain installation, and launch the basic Firefox Portable installation. With the URLs stored in the cookies.sqlite file, he could access for example mail.google.com that you previously logged in (without logging out) and gain access to your account, even if the attacker don't even know your password, because the stored cookies will authenticate the browser as the one who previously logged in before.
Recommendations
-Do not store cookies for longer than the current Firefox session (Keep until I close Firefox)
-Use a third-party software that encrypt your Firefox Portable profile or the whole storage media (Toucan, TrueCrypt, etc.)
Visit the Community page
Join our forums
Follow us on BlueSky