«

I'm confused about file encryption under Win XP Pro. I hope someone can
clarify this for me.

I have a few hundred files containing sensitive information backed up to an
external hard drive, and encrypted using Windows XP Pro (Right click on
folder - Properties - Advanced - Encrypt contents to secure data). The
folder shows up in green in Windows Explorer. When I log in to Windows, I
can access these files transparently. When other users log onto my computer,
they are denied access to these files.

My question - Suppose my current computer dies and I get a new computer.
Will I be able to access these encrypted files on the external hard drive,
assuming I create a username and password on the new computer identical to
my current username and password?

A more general question - how does Windows construct the encryption key used
to encrypt files and folders under Windows XP Pro? Is it just derived from
my username and password, or does other computer-specific information go
into the making of the key?

Thanks in advance for any help. I found the Windows Help file confusing.

On Tue, 2 Aug 2005 20:22:39 -0400, "Murray" <> wrote:

>I'm confused about file encryption under Win XP Pro. I hope someone can
>clarify this for me.
>
>I have a few hundred files containing sensitive information backed up to an
>external hard drive, and encrypted using Windows XP Pro (Right click on
>folder - Properties - Advanced - Encrypt contents to secure data). The
>folder shows up in green in Windows Explorer. When I log in to Windows, I
>can access these files transparently. When other users log onto my computer,
>they are denied access to these files.
>
>My question - Suppose my current computer dies and I get a new computer.
>Will I be able to access these encrypted files on the external hard drive,
>assuming I create a username and password on the new computer identical to
>my current username and password?
>
>A more general question - how does Windows construct the encryption key used
>to encrypt files and folders under Windows XP Pro? Is it just derived from
>my username and password, or does other computer-specific information go
>into the making of the key?
>
>Thanks in advance for any help. I found the Windows Help file confusing.
>

Backing Up and Restoring Encrypted Files or Folders
In Windows XP Professional, encrypted files and folders remain encrypted if you back them up by using Backup in
Administrative Tools. You can also use the ntbackup command, the backup APIs, or other backup products designed for use
with Windows XP Professional. Backup files remain encrypted when transferred across the network or when copied or moved
onto any storage medium, including non-NTFS volumes. If backup files are restored to volumes formatted by using the
version of NTFS used in Windows 2000 or later, they remain encrypted. Along with providing excellent disaster recovery,
backups can also be used to securely move files between computers, sites, and so on.

Opening restored, encrypted files is no different from decrypting and opening any encrypted files. However, if files are
restored from backup onto a new computer, in a new forest, or at any location at which the user's profile (and thus the
private key needed to decrypt the files) is not available, the user can import an EFS certificate and private key. After
importing the certificate and private key, the user can decrypt the files.

"Murray" <> wrote in message
news:_PadnQuouvXQk23fRVn-...
> I'm confused about file encryption under Win XP Pro. I hope someone
> can
> clarify this for me.
>
> I have a few hundred files containing sensitive information backed up
> to an
> external hard drive, and encrypted using Windows XP Pro (Right click
> on
> folder - Properties - Advanced - Encrypt contents to secure data). The
> folder shows up in green in Windows Explorer. When I log in to
> Windows, I
> can access these files transparently. When other users log onto my
> computer,
> they are denied access to these files.
>
> My question - Suppose my current computer dies and I get a new
> computer.
> Will I be able to access these encrypted files on the external hard
> drive,
> assuming I create a username and password on the new computer
> identical to
> my current username and password?
>
> A more general question - how does Windows construct the encryption
> key used
> to encrypt files and folders under Windows XP Pro? Is it just derived
> from
> my username and password, or does other computer-specific information
> go
> into the making of the key?
>
> Thanks in advance for any help. I found the Windows Help file
> confusing.
>
>


Open the Certificate Manager snap-in (certmgr.msc) and export the EFS
certificate under the Personal category onto a floppy or other removable
media (but not one that relies on drive mechanicals but just composes
the medium for storage, like a floppy, CD-R, Zip disk, etc.). Then lock
it away. When you reinstall the OS, you will need to import that
certificate under which the files were encrypted. The include Help and
Support in Windows XP can help you on how to export the certificate.

--
__________________________________________________ __________
For e-mail, remove "NIX" and add "#LAH" passcode to Subject.
__________________________________________________ __________