RE: cannot decrypt encrypted files

thx for your explanation. i think i'll make them again, since i don't have
any recently backup of those files :(
actually i've done this before, except i don't delete any of system folder,
i just overwrite windows installation, and i can access my file again with
newly created username with same name & password.so i feel confident to
install windows without decrypting those file.unfortunetly it can't.LOL.
but really appreciate your explanation, i will be more carefull next time
with encrypted files
thx again.


"lelteto" wrote:

Reinstalling Windows (or even deleting the user and re-creating it) WIPES OUT
all the KEYS used to encrypt user data. Basically Windows creates an INTERNAL
encryption key which is protected by the user's credential. If you delete the
user and re-create the same one (same name, same password, same everything)
Windows will create a completely NEW random encryption key for that NEW user.
(Windows has no idea that you wanted the same user. For it that's a
completely new user which has nothing common with the previous one on the
system.)

Note that although you could take ownership of the encrypted files (with an
administrator account) which would "solve" your access denied error issue,
you would still not be able to get the DATA as it was encrypted with a key
which is now completely gone.
Actually, this is a pretty GOOD security feature of Windows. This prevents
even an Administrator to snoop on other users' files. (Of course, an admin
would have other ways like installing a keyboard logger and get the other
users' login passwords - but that still don't work eg. if you steal a laptop
and try to get to encrypted files on it.)

I hope you kept some BACKUP files of your data (unencrypted or encrypted
with some other method) because once you deleted the original user, it's
unique data encryption key is gone.

Laszlo Elteto
SafeNet, Inc.

"Conan" wrote:

need some help here please,

i reinstall windows XP SP 2 and now all my encrypted files cannot be restored
i already create a same username and password. i also tried to make the
computer name the same too
but it still says 'Access Denied'. i didn't format the drive, i only delete
'windows', 'program files', and 'document and settings' folder manually.what
i have to do, to make the files think that 'I never reinstalled windows' what
the parameter needed.
really appreciate any help, i spend years to collect this data.
please...

thank you
.

Relevant Pages

  • Re: Cached Domain Password on Notebook, secure?
    ... "Backing Up an Encrypted Folder or File ... Backup created using the Copy command or menu ... or any backup utility that supports Windows 2000 features. ... the file encryption, and the backup operator does not need access to private ...
    (Focus-Microsoft)
  • Re: user does not have acces privileges
    ... to reinstall the windows to do that. ... ownership is the reason of the inaccessibility. ... I'm not an expert but I find out, it is not the encryption but ... "Zorro" wrote: ...
    (microsoft.public.windowsxp.accessibility)
  • RE: cannot decrypt encrypted files
    ... Reinstalling Windows WIPES OUT ... Windows will create a completely NEW random encryption key for that NEW user. ... Note that although you could take ownership of the encrypted files (with an ...
    (microsoft.public.platformsdk.security)
  • Re: RESET Encryption in Folder and File (Win XP Pro )
    ... If you have reinstalled Windows and you did not backup your encryption ... > in my folder. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: user does not have acces privileges
    ... But now at the new files I should have the right EFS key in my computer. ... That means there is something wrong with the ownership settings and that was ... Or it is only matter if the encryption is combined with the ownership change? ... to reinstall the windows to do that. ...
    (microsoft.public.windowsxp.accessibility)