WindowsXP Pro and certain implementations of Windows Vista have a fun little feature known as file encryption. On WindowsXP Pro, this feature is called EFS or Encrypted File System and can be implemented on the file or folder level by right clicking on said file/folder, selecting properties, followed by advanced and selecting “Encrypt contents to secure data”. While this is a very handy feature for those of us looking to secure files on our computer, it can also lead to a very costly mistake. What some fail to realize is that these files are encrypted using what is known as a private key. Once the file has been encrypted, it is locked to the NTFS drive that it is stored on (you can only encrypt with EFS on NTFS partitions). This means you cannot delete it, copy it, move it, etc etc without having the private key that was used to encrypt it. If you never plan on formatting your hard drive, buying a new computer or dealing with a hard drive failure, than this may not be a problem for you, but for those of you out there who live in the real world, you will want to pay close attention. ALWAYS backup your Windows private key if you plan to use or have used Windows file encryption! In a lot of cases, users fail to realize how this system works and a few months down the road after they have copied those encrypted files to a new computer (without the private key) they suddenly realize that they can no longer open them, or do anything with them for that matter. If said files were of great importance, this can lead to incredible levels of frustration! You’ve been warned!
So, now that you’re good and scared…how do you go about backing up a private key? Well Microsoft does a pretty good job explaining it HERE. As a hint, the certificate export wizard can be found in Internet Options under the Content tab. Keep in mind, you will want to backup your private key to a secure medium other than your hard drive, that way you can recover it and import it to a new computer if need be.
Technorati Tags: encryption, windows file encryption, windows encryption, efs, backup privet key
Share This
