Encrypting files and folders in Windows

If you are the type of computer user who is paranoid about security, and your PC is installed with Windows 2000 or higher, encrypting your files and/or folders is easy using Windows’ Encrypting File System (EFS) feature. However, EFS will only work on an uncompressed NTFS partition. If the partition is FAT-32, EFS will not be enabled on that partition. If compression is set on the partition, the file or folder will be uncompressed prior to encryption.

To encrypt a file or folder, right-click the file, open Properties on the context menu, click Advanced, then check the Encrypt contents to secure data option. If it’s a folder you’re encrypting, you’ll be ask if you want to encrypt only the folder (which means that only those files that are created or subsequently moved to the folder will be encrypted) or if you want to encrypt the folder and all sub-folders and files in it. Choose whichever option you like. It’s that simple. Unless you give them access to the file or folder, other users of the PC will not be able to open the file or folder as long as it is encrypted.

To decrypt, follow the same steps above, except that you have to remove the check on the Encrypt contents to secure data option.

When you encrypt your first file or folder, a certificate that is used for subsequent encryption and decryption is generated. You need to make a backup copy of this certificate to ensure that you’ll still be able to access your encrypted files and decrypt them in case the certificate becomes corrupted or gets lost. To back up the certificate, open Internet Explorer, go to Tools, then Internet Options, click the Content Tab, select Certificates, then the Personal Tab. Browse through the available certificates until you get to one whose intended purpose shows Encrypting File System. Click Export, then follow the Certificate Manager Export Wizard to export the certificate to a floppy, another location on the hard disk or a CD.

If you’re not in the habit of securing your sensitive information, you should begin adopting the practice, particularly since it doesn’t require third-party software. In the case of laptop users, file and folder encryption will protect their files from thieves. Even if the OS is reinstalled on a laptop that has been stolen, the information in encrypted files and folders will remain protected. Desktop users with Internet access are also encouraged to start using encryption, given the potential of a hacker compromising and attacking their systems.

For more info on EFS, see http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx. Note that the EFS in Vista is essentially the same as in Windows 2000 and Windows XP.

For users who want more control over the way their systems are encrypted, there are third-party tools that do the job better than EFS. One of these tools is the open-source program TrueCrypt, which I will tackle in another article. For now, if you want to read up on this program, which allows encryption of entire hard disk partitions and the creation of a virtual encrypted hard disk, surf on over to http://www.truecrypt.org/.

Posted in Categories: Software, Windows or Vista ~ No Tags ~ Trackback

Related Posts: No related posts