Re: Old My folder problem

From: Chris Perigo (chrisperigo@hotmail.com)
Date: 12/03/02 

From: "Chris Perigo" <chrisperigo@hotmail.com>
Date: Tue, 3 Dec 2002 03:16:28 -0800

I've managed to do exactly the same thing on my system
and now cannot get back *a lot* of work.

I've spent the past two days chasing my arse around the
delights of the help system and have been grappling with
the marvels of mmc and designated recovery agents etc.

The help file does seem to suggest that a recovery agent
can decrypt files even if the private key has been lost...

QUOTE:

Recovering encrypted data
Data recovery refers to the process of decrypting a file
without having the private key of the user who encrypted
the file.

You might need to recover data with a recovery agent if:

A user leaves the company.
A user loses the private key.
A law enforcement agency makes a request.

To recover a file, the recovery agent:

Backs up the encrypted files.
Moves the backup copies to a secure system.
Imports their recovery certificate and private key on
that system.
Restores the backup files.
Decrypts the files, using Windows Explorer or the EFS
cipher command.
ENDQUOTE

Are you seriously telling me that even as a designated
recovery agent I cannot decrypt these files?

>-----Original Message-----
>Did you actually encrypt the files?
>If you did and you did not back-up the encryption key or
Recovery
>Agent and are not on a domain, the files are as good as
gone.
>EFS is good at what it does and there is no back door.
>Read and understand this article before using EFS:
>http://www.microsoft.com/windowsxp/pro/techinfo/administr
ation/recovery/default.asp
>However if you are improperly using the
terminology "Encrypted" and
>just kept the folders private, take Ownership to regain
access:
>http://support.microsoft.com/default.aspx?scid=KB;EN-
US;Q308421&
>
>--
>Jupiter Jones
>Please respond to newsgroup only.
>Everyone can benefit from the message.
>
>
>"Doze" <doze_80@hotmail.com> wrote in message
>news:20f7001c298a9$9dc9d3a0$89f82ecf@TK2MSFTNGXA01...
>> I installed my winXp to drive d:, then i made
MyDocuments
>> private and Encrypted it. After while Xp sterted to
crash
>> so i reinstalled it to C: but forgot completly about
>> MyDocuments in drive d:... so now when i try to open
>> MyDocuments (d:) it says "Access is denited"... How
can i
>> access this folder?
>> Thanks! :)
>
>
>.
>

Relevant Pages

  • Re: Event ID 6032
    ... see who is the recovery agent by opening the properties of an encrypted file ... decrypt the files by reversing the process in which you encrypted them. ... to encrypt, you should just be able to un-click the box to decrypt. ... and import the recovery agent certificate from the server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Recovery Agent fails to recover Encrypted Data
    ... >> EFS Recovery Certificate for a user, ... >> Recovery Agent. ... also encrypt a file with ordinary user, ... it is the holder of the *private key* that can open the file as ...
    (microsoft.public.win2000.security)
  • Re: EFS and Biometrics? Other options?
    ... There is no password involved in EFS. ... specified recovery agent and available keys. ... To decrypt the file, the machine must be able to access either the user's ... the private key that corresponds to the public key that was used to encrypt ...
    (Focus-Microsoft)
  • Re: Difficult Encryption Problem
    ... Does EFS encrypt your data using the public key, ... We encrypt your plain text data with various keys - these keys are then ... If you have a recovery agent we also then encrypt the key ring with its ... setting passwords on the local Administrator account it is too risky to ...
    (microsoft.public.windowsxp.security_admin)
  • Re: EFS File Recovery
    ... Are you telling me that I cannot encrypt files at home, ... >> I have verified that the recovery agent can access, and decrypt these ... >> I have exported the recovery agents certificate, and private key to the ...
    (microsoft.public.windows.server.security)