Using File Encryption

Previous page
Table of content
Next page
[Previous] [Next]

The Encrypting File System (EFS), new in Windows 2000, is a component that allows you to encrypt files on NTFS volumes so that only you can use them. When you encrypt a file or folder, Windows uses your encryption certificate and its private key to encrypt the data. Whenever you use the files (that is, when you're logged on with the same user account as when you originally encrypted the files), Windows uses the same certificate to decrypt the files. (It does this in the background, so you continue to use your encrypted files exactly the way you use nonencrypted files.) If anyone else attempts to open, copy, move, or rename any of your encrypted files, they'll be stopped by an access-denied message.

CAUTION
Any user who has Delete permission (one of the permissions included in Modify and Full Control access levels) can delete an encrypted file.

When you encrypt a folder, all files and subfolders in the folder are encrypted—including temporary files that some programs create while you edit a document. Therefore, for carefree automatic protection of your important files, you should encrypt folders rather than individual files. If you save most of your documents in the My Documents folder, it's a good candidate for encryption.

To encrypt a folder:

  1. Right-click the folder (or file, if you want to encrypt an individual file) in Windows Explorer and choose Properties.

  2. On the General tab, click Advanced to display the Advanced Attributes dialog box.

    3. click to view at full size.

  3. Select the Encrypt Contents To Secure Data check box.

NOTE
You can't encrypt compressed files. If the files you choose to encrypt are already compressed, Windows clears the Compressed attribute.

  1. Click OK to close the Advanced Attributes dialog box and click OK again to close the properties dialog box.

    2. If you're encrypting a folder, Windows then displays a confirmation message.

  2. Select an option and click OK.

    • If you select Apply Changes To This Folder Only, Windows doesn't encrypt any of the files currently in the folder. But any new files that you create in the folder (including files that you copy or move to the folder) get encrypted.

    • If you select Apply Changes To This Folder, Subfolders And Files, Windows immediately encrypts all files in the folder as well as its subfolders.

Remember that only your user account (along with your encryption certificate) can use the encrypted files. You can't share encrypted files with other users over a network, or even at the same workstation.

TIP
Back Up Your Encryption Certificate

You should keep a backup copy of your encryption certificate on a floppy disk in a safe place. If you lose your encryption certificate (which could happen, for example, if one of your hard disks fails), you can restore the backup copy and still be able to decrypt your files. To back up your encryption certificate:

  1. In Control Panel, open Users And Passwords.

  2. Click the Advanced tab and click Certificates.

  3. In the Certificates dialog box, click the Personal tab and then select the certificate with your user account name.

  4. Click Export to launch the Certificate Export Wizard, and follow its instructions.


Previous page
Table of content
Next page
Running Microsoft Windows 2000 Professional
Running Microsoft Windows 2000 Professional
ISBN: 1572318384
EAN: 2147483647
Year: 2000
Pages: 317
Authors: Carl Siechert, Craig Stinson
BUY ON AMAZON
C++ GUI Programming with Qt 3
Excel Scientific and Engineering Cookbook (Cookbooks (OReilly))
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Extending and Embedding PHP
Cultural Imperative: Global Trends in the 21st Century
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy