Re: Folder Encryption

From: Torgeir Bakken (Torgeir.Bakken-spam@hydro.com)
Date: 08/28/02


From: Torgeir Bakken <Torgeir.Bakken-spam@hydro.com>
Date: Wed, 28 Aug 2002 21:55:53 +0200

Tom Kennedy wrote:

> So I have a couple questions and unfortunately I'm not on
> my home computer to try things out. I completed changing
> my file system to NTFS last night... no problems and I am
> now able to encrypt folders in the way it recommends.
> Could someone please forward me a link or something where
> I can find info (in plain English... I'm no computer
> expert) on the "recovery agent" that a couple of you refer
> to, so that I understand encryption more fully?

Unless you are on a domain, do not use encryption. You will most likely sooner
or later lose your data (for good). It is not without reason Kent W. England
calls EFS the "delayed Recycle Bin". Use NTFS permissions instead to protect
your data.

But if you must, in this link:
http://www.microsoft.com/WINDOWSXP/pro/techinfo/administration/recovery/default.asp

it is described how to create a data recovery agent (DRA), and it also gives
information/links on how to export keys, e.g.

page 5 "Data Recovery on Standalone Machines"
page 18 "Importing and Exporting Data Recovery Agent Keys"

and page 49 "Knowledge Base Articles on EFS" you will find e.g.

Q241201 How to Back Up Your Encrypting File System Private Key
Q259732 EFS Recovery Agent Cannot Export Private Keys
Q255742 Methods for Recovering Encrypted Data Files

Reading Q255742 will give you this as well:

Q241201 HOW TO: Back Up Your Encrypting File System Private Key in Windows 2000
Q242296 How to Restore an EFS Private Key for Encrypted Data Recovery

If your computer is not a member of an AD domain, this is obligatory reading:

page 34 "Using EFS with Standalone Machines or NT 4.0 Domains"

--
torgeir

