SecurityXploded.com
 
 
 
FirePassword
The Firefox Username & Password List Decryptor
For GUI version of FirePassword, check out new FirePasswordViewer.
 
 
About FirePassword
FirePassword is a tool designed to decrypt the username and password list from the Firefox sign-on database. Firefox records login details such as the username and password for every website authorized by the user and stores them in the sign-on database file in encrypted format.

FirePassword can decrypt and display these secrets along the same lines as the Firefox built-in password manager. Its main advantage is that it does not require Firefox to be running, which is very useful for recovering sign-on details when Firefox fails to function properly. FirePassword can also display sign-on secrets from a different profile (other than the current profile) as well as from a different operating system (such as Linux or Mac) altogether. This greatly helps forensic investigators, who can copy the relevant files from the target system to a test machine and view the credentials offline without affecting the target environment.
 
 
About Firefox Password Manager
Firefox has a built-in password manager that stores usernames and passwords for all the visited websites. These credentials are stored in encrypted form in the Firefox profile's database files, such as key3.db and signons.txt.

The key3.db file contains master-password-related information such as the encrypted password check string, salt, algorithm and version information.

The signons.txt file contains the actual sign-on information:
  • Reject Host List: list of websites for which the user does not want Firefox to remember the credentials.
  • Normal Host List: each host URL is followed by a username and password.
 
Internals of FirePassword
Firefox stores the sign-on credentials in the signons.txt file located in the user profile directory. The structure of the sign-on information in signons.txt (signons2.txt for version 2 and signons3.txt for version 3) is as follows.

For Firefox < version 2.0
  • First comes the sign-on file header which is always "#2c"
  • Next comes the reject host list in clear text, one per line and terminated with full stop.
  • After that normal host list is stored in the following format
    • Host URL
      • Name  (username or *password)
      • Value (encrypted)
      • .(full stop)

For Firefox version 2.0
  • First comes the sign-on file header which is always "#2d"
  • Next comes the reject host list in clear text, one per line and ends with full stop.
  • After that normal host list is stored in the following format
    • Host URL
      • Name  (username or *password)
      • Value (encrypted)
      • Subdomain URL
      • .(full stop)

For Firefox version 3.0
  • First comes the sign-on file header which is always "#2e"
  • Next comes the excluded host list in clear text, one per line and ends with full stop.
  • After that saved host list is stored in the following format
    • Host URL
      • Name  (username or *password)
      • Value (encrypted)
      • Subdomain URL
      • --- (Dashed line denoting the end of host entry)
      • .(full stop)
 
Each host entry can have multiple username/password pairs. Starting with Firefox version 2.0, the subdomain URL is also included along with the username/password entry. A password field name begins with '*'; this is the key to distinguishing between a username entry and a password entry.

Once the username and password values are extracted, the next task is to decrypt them. The information required to decrypt these values is stored in the key3.db file. If a master password is set, you must provide it to proceed with decryption. If you have forgotten the master password, you can use the FireMaster tool to recover it. If a master password is set and you have not provided it, FirePassword will prompt you to enter it.
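The layout described above can be read with a small structural parser, which is useful when triaging a copied profile to see which hosts have stored entries before any decryption is attempted. This is an added example, not FirePassword's own code: the name `parse_signons`, the sample hosts and the placeholder values are constructed here, and it assumes the subdomain URL line follows the password value of each login.

```python
# Added example: structural parser for the signons file layout described above.
# Nothing is decrypted; encrypted values are returned exactly as stored.
HEADERS = {"#2c": 1, "#2d": 2, "#2e": 3}  # header -> format generation

# Constructed sample in the "#2e" layout; values are placeholders, not real ciphertext.
SAMPLE = """#2e
blocked.example
.
https://mail.example
user
ENC_USERNAME_PLACEHOLDER
*pass
ENC_PASSWORD_PLACEHOLDER
https://login.mail.example
---
.
"""

def parse_signons(text):
    lines = text.splitlines()
    if not lines or lines[0] not in HEADERS:
        raise ValueError("unknown sign-on file header")
    gen = HEADERS[lines[0]]
    it = iter(lines[1:])
    rejected = []
    for line in it:                     # reject/excluded host list ends at "."
        if line == ".":
            break
        rejected.append(line)
    hosts = []
    for host in it:                     # each remaining block opens with a host URL
        fields = []
        for name in it:
            if name == ".":             # full stop closes the host block
                break
            if name == "---":           # "#2e" end-of-entry marker
                continue
            value = next(it, None)
            if value is None or value == ".":
                raise ValueError("truncated entry for " + host)
            is_pw = name.startswith("*")  # '*' marks the password field
            field = {"name": name[1:] if is_pw else name,
                     "is_password": is_pw, "encrypted": value}
            if gen >= 2 and is_pw:      # assumption: subdomain URL follows the password value
                field["subdomain"] = next(it, None)
            fields.append(field)
        hosts.append({"host": host, "fields": fields})
    return {"generation": gen, "rejected": rejected, "hosts": hosts}
```
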
 
 
Using FirePassword
Here is the general usage information

FirePassword.exe [-m "master password" ] <Firefox_Profile_Directory>

Options:
          -m specify the master password
 
FirePassword is a console tool, so it must be run from the cmd prompt. Run FirePassword.exe, specifying the master password and the Firefox profile path. If no master password is set for that profile, there is no need to specify it. If the profile path is not entered, FirePassword automatically uses the current profile directory.

You can also copy the Firefox profile files from a different operating system, such as Linux or Mac, to the local Windows system and then pass this folder path to FirePassword.
 
 
Testing FirePassword
FirePassword has been successfully tested with Firefox versions 1.0 to 3.0 and should work with any Firefox greater than version 1.0.

If you encounter any problem with FirePassword, please drop me a mail mentioning your Firefox version and any other details that will help in fixing the problem.
 
 
Disclaimer
FirePassword is designed for a good purpose: to help users recover and view their sign-on secrets. As with any tool, whether its use is good or bad depends upon the user who uses it. The author is not responsible for damage caused by misuse of this tool.
 
 
Acknowledgement
  • Thanks to the Mozilla-Firefox crew for making such an excellent and beautiful browser.
  • Thanks to Stefano for informing me and providing code to make FirePassword support Firefox version 2.0.
 
History
Version 2.6 : 9th Jan 2009
Fixed the application data folder problem with Vista.
Also it contains some of the security related changes.
 
Version 2.5 : 18th June 2008
Support for Firefox version 3.0 with its new signon file format.
Other enhancements related to user friendliness and clear display.
 
Version 2.0 :  3rd March 2007
Support for Firefox version 2.0. New signon format is explained below.
Few minor bug fixes and formatting of the result display.
 
Version 1.7 :  8th July 2006
Finally, the much-awaited FirePassword source code is released under GPL v2.
Master password checking is improved and is now done at the beginning itself.
Removed the Gecko-SDK dependency completely.
Tested successfully with latest Firefox version 1.5.0.4
 
Version 1.6 :  25th Feb 2006
Few bug fixes here and there.
Thanks to Nemo for reporting the bug in base64 handling routine.
 
Version 1.5 :  14th Jan 2006
Static library dependency removed. Now libraries are loaded dynamically.
Support for wider range of Firefox versions.
Automatically detects Firefox profile directory if not specified.
 
Version 1.0 :  1st Jan 2006
First public release of FirePassword.
 
 
 
Download FirePassword
FirePassword Version 2.6
 
 
 
See Also
   FirePasswordViewer: GUI version of FirePassword to uncover Firefox sign-on secrets.
   FireMaster: The Firefox master password recovery tool.
   NetShareMonitor: Monitor your shares from intruders.
   Recover Windows password in seconds using Rainbow crack. 
   ProcHeapViewer: Enumerate process heaps on Windows.
   BHORemover: Remove Browser Helper Objects from the system.
   LDAPSearch: Search of LDAP objects on Directory server. 
   Uncovering hidden process on Windows system.