How Can We Help?
Using the Encryptable File System (EFS)
Using the Encryptable File System (EFS) Last Updated: 14 Aug 2004 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** PLEASE NOTE: Link(s), If Provided, May Be Wrapped *** Windows 2000, XP and 2003 all support EFS, or the Encryptable File System. This introduces native, secure file-level encryption to Windows via the NTFS file system. EFS is powerful, but more importantly it is dangerous if one does not understand all of the concepts involved, particularly Key Recovery. It is very important that Key Recovery be performed PRIOR to deploying EFS, if you want to have a good chance at recovery in the event of a problem (such as a formatted OS partition). Here are some guides to using EFS: • http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx • http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prnb_efs_qutx.asp • http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/efsguide.mspx • http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sharefilesefs.mspx • http://www.microsoft.com/resources/documentation/windows/xp/all/reskit/en-us/prnb_efs_yzfa.asp KEY RECOVERY PRECAUTIONS • http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prnb_efs_unwq.asp • http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx#XSLTsection126121120120 EFS DATA RECOVERY • http://www.microsoft.com/resources/documentation/windowsserv/2003/standard/proddocs/en-us/sag_seconceptsimprecover.asp • http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_seconceptsimprecover.mspx • http://support.microsoft.com/?KBID=223316 • http://support.microsoft.com/?KBID=290260 • http://support.microsoft.com/?KBID=255742 WHITEPAPERS & TECH DOCUMENTS • http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx • http://www.ntfs.com/internals-encrypted-files.htm PERSONAL NOTES • Aug 2004: Pay special attention to Key Recovery. This cannot be emphasized enough. RELATED TOPICS (ALSO IN THIS ARCHIVE) • http://KB.UltraTech-llc.com/?File=FileSys.TXT • http://KB.UltraTech-llc.com/?File=Passwords.TXT • http://KB.UltraTech-llc.com/?File=Perms.TXT • http://KB.UltraTech-llc.com/?File=Security.TXT • http://KB.UltraTech-llc.com/?File=SetPerms.TXT • http://KB.UltraTech-llc.com/?File=UserAcct.TXT • http://KB.UltraTech-llc.com/?File=UserMgr.TXT • http://KB.UltraTech-llc.com/?File=Utils.TXT • http://KB.UltraTech-llc.com/?File=Windows.TXT