Features of Windows Encrypting File System (EFS)

by Marieta Leke.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on data security  

You are here: Categories » Computers and technology » Data security

• Only available on Windows 2000 and Windows XP operating systems using NTFS partitions and volumes. (NTFS v5).

• Encryption is transparent to the user.

• Uses public-key encryption. Using a public key from the user’s certificate encrypts keys that are used to encrypt the file. The list of encrypted fileencryption keys is kept with the encrypted file and is unique to it. When decrypting the file encryption keys, the file owner provides a private key that only he has.

• If the owner has lost his private key, an appointed recovery system agent can open the file using his/her key instead.

• EFS resides in the Windows OS kernel and uses the non-paged memory pool to store file encryption keys - this means no one will be able to extract them from your paging file.

• Encrypted files can be backed up using the Backup Utility, but will retain their encrypted state as access permissions are preserved.

• Microsoft recommends creating an NTFS folder and encrypting it. In the Properties dialog box for the folder click the General tab then the Advanced button and select the "Encrypt Contents To Secure Data" check box. The folder isn't encrypted, but files placed in it will be automatically encrypted. Uncheck the box if you want to decrypt the contents of the folder.

• Although it is recommended that encryption take place at the folder level, it can be done at the file level. Encryption at the folder level will automatically result in all files inside the folder being encrypted. Files moved into or created in an encrypted folder will automatically become encrypted at that time.

• Default encryption strength is 128-bit.

• Compressed files can't be encrypted and vice versa.

• You can share encrypted files under Windows XP Professional by adding the additional users you want to have access to the file after it has been encrypted. (This is not possible under Windows 2000).

• In Windows 2000, Data Recovery Agents (DRAs) were required to implement EFS. In Windows XP, they are optional. Microsoft recommends that all stand-alone or domain environments have at least one designated DRA.

• Use the Cipher command to work with encrypted files from the command line.

• The efsinfo.exe utility in the WINXP Resource Kit allows an administrator to determine information about encrypted files.

Share
Leave a comment or ask a question
Total comments: 0

Data security Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Online Security on Public Computers - Using public computers can put you at risk for password hackers who use tools such as keystroke logging devices. Find out how to protect yourself from criminals preying on public computers. (more...)
How to Create a Strong Password - Using a password keeper can help you keep your online information more secure by allowing you to create more complex passwords for your Internet accounts without having to remember them. Here a (more...)
How Many Passwords do You Know to Protect Your Computer Privacy - 1.Administrators Password: It is the most common way to lock your computer. But is it the safest way? Mostly, it is the easiest way to lock your computer. How to (more...)
What will be a perfect password - Myth: if it is encrypted, it is secure Truth: if it is not encrypted, it is not secure Before creating a password you should know: ⑴ NO passwo (more...)
How to bypass Windows Password - Forgot or lost windows password? Have been locked out of computer? Do not want to reinstall the computer because there is vital data on your computer? Oh, well, it is not that scar (more...)
UniKey API protection scheme ensures the highest security for software vendors - A question that regularly was come up is whether software could be one hundred percent secured by a dongle, or thought some dongles have been seriously cracked, why most expensive software still us (more...)
Sharing online passwords with important people - On the surface, it might seem ludicrous to think that anyone would want to share their important Internet passwords with other people. But the truth is that there are many instances where you might (more...)
Using tags can help you organize your passwords - For people with multiple Internet log-ins, keeping them organized can be incredibly complex. A service like Mitto.com can simplify the process by allowing you to attach tags to your log-in info (more...)
Rogue antispyware is a danger for all Internet users - There are several common but very popular viruses that everyone can catch nowadays. That's swine flue and malicious software. Swine flue can be dangerous to your health though in the most cases it (more...)
Spyware - Anyone who owns a computer knows about the threats of viruses and worms. But over the past ten years there has bean another concern annoying computer owners to death. This problem is Sp (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.