Re: Encrypting locked files with EFS (WinXP)
From: Steven L Umbach (n9rou_at_nsattbi.com)
Date: 06/14/03
- Next message: Steven L Umbach: "Re: Everyone permissions"
- Previous message: Marissa: "Re: workstation administrator password"
- In reply to: Joerg: "Encrypting locked files with EFS (WinXP)"
- Next in thread: Joerg: "Re: Encrypting locked files with EFS (WinXP)"
- Reply: Joerg: "Re: Encrypting locked files with EFS (WinXP)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 14 Jun 2003 12:21:51 GMT
You do not want to encrypt that folder. What you want to do is to
export/delete your user private key for EFS [and recovery agent if their is
one]. Keep those keys in a safe place away from the computer, and do NOT
lose them. That is the only way to protect the EFS files from attack -
particulary if someone can gain physical access to your compter. You will
have to import your private key when you need to access those files ---
Steve
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://support.microsoft.com/default.aspx?scid=kb;EN-US;241201
"Joerg" <jbrenni@freenet.de> wrote in message
news:oprqq931nftzj9as@news.uni-muenster.de...
> Hello,
>
> I want do encrypt my user folder using the encryption file system of
> Windows XP Professional, but I've got problems with locked files ("access
> denied"). E.g., I can't encrypt the folders
> - ...\Application Data\Microsoft\SystemCertificates and
> - ...\Application Data\Microsoft\Credentials
> because those files are locked / opened.
>
> If I switch to another user to encrypt those data, they are encrypted with
> their keys which is not what I want, of course. On the other hand, AFAIK I
> can't log on as the user that the data belongs to without those files
being
> locked. Is there a way to encrypt those files? Can I encrypt files using a
> key of another user? I didn't find this possibility in the cipher.exe
> command.
>
> I think that I have to encrypt the SystemCertificates folder because
> otherwise I fear that an attacker could use those certificates to decrypt
> the other user data which I successfully encrypted. Is this correct?
>
> Thank you very much,
> Jörg
- Next message: Steven L Umbach: "Re: Everyone permissions"
- Previous message: Marissa: "Re: workstation administrator password"
- In reply to: Joerg: "Encrypting locked files with EFS (WinXP)"
- Next in thread: Joerg: "Re: Encrypting locked files with EFS (WinXP)"
- Reply: Joerg: "Re: Encrypting locked files with EFS (WinXP)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
