In Windows, what is the Encrypting File System, and how can I use it to protect sensitive data? (2024)

  • Skip to content
  • Skip to search
  • Skip to login

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

The Encrypting File System (EFS) is a component of the NTFSfile system on Windows 2000, Windows XPProfessional, and Windows Server 2003; it allows you to encrypt filesstored on your local computer or on a Windows 2000 or 2003 server. Theencryption and decryption process requires either a private key storedin your profile, or a master recovery key stored by a designated"recovery agent"; for more on the master recovery key, see ARCHIVED: At IU, how can I recover Windows encrypted files without a privatekey? The private key is protected with yourpassphrase; without access to the master recovery key,therefore, anyone who gains access to the EFS encrypted file wouldneed to know your passphrase to turn the encrypted data into usableinformation.

Important: As of April 8, 2014, Microsoft nolonger supports Windows XP with security updates. To ensure thehighest security standards, the UITS Support Center no longerregisters Windows XP devices to the IU network. UITS stronglyrecommends that you look into the options for replacing or upgradingyour Windows XP computers for full compatibility with IU systems. SeeAbout end of life for Windows 8.0, 7, Vista, and XP.

To encrypt a file or folder:

  1. From the Start menu, select Programs or All Programs, then Accessories, and then Windows Explorer.
  2. Right-click the file or folder you want to encrypt, and then click Properties.
  3. On the General tab, click Advanced.
  4. Check Encrypt contents to secure data.
    • If you have chosen to encrypt a single file, you can also encrypt the folder that contains it. In the Encryption Warning window, select Encrypt the file and the parent folder. All files created in the encrypted folder will now be automatically encrypted.
    • If you encrypt a folder instead of a single file, you can encrypt all the contents of the folder as well. Select Apply changes to this folder, subfolders and files.

To decrypt a file or folder:

  1. From the Start menu, select Programs or All Programs, then Accessories, and then Windows Explorer.
  2. Right-click the file or folder you want to decrypt, and then click Properties.
  3. On the General tab, click Advanced.
  4. Clear the Encrypt contents to secure data checkbox, and then click OK.

When you decrypt a folder, you must decide whether to decrypt thefolder only or to decrypt the folder and all files and subfolderscontained within it. If you choose to decrypt the folder only, thefiles and subfolders within the folder remain encrypted. However, whenyou add new files and subfolders to the folder, they will not beautomatically encrypted.

This information was adapted from the Microsoft article Encryptor decrypt a folder or file.

This is document augh in the Knowledge Base.
Last modified on 2018-01-18 15:39:48.

In Windows, what is the Encrypting File System, and how can I use it to protect sensitive data? (2024)

FAQs

In Windows, what is the Encrypting File System, and how can I use it to protect sensitive data? ›

EFS explained

Read On
What is Windows encrypting file system? ›

The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.

Discover More Details
How do I use EFS in Windows? ›

How to use EFS
  1. From File Explorer, click on the file or folder you want to encrypt.
  2. Right-click on this file or folder.
  3. Select Properties.
  4. Click Advanced.
  5. Click on the check box for Encrypt contents to secure data.
  6. Click OK.
  7. Click Apply.
Apr 29, 2020

Continue Reading
What are the encryption options available in Windows 10 to secure data? ›

The following are recommendations for using PDE:
  • Enable BitLocker Drive Encryption. ...
  • Backup solution such as OneDrive in Microsoft 365. ...
  • Windows Hello for Business PIN reset service. ...
  • Windows Hello Enhanced Sign-in Security offers additional security when authenticating with Windows Hello for Business via biometrics or PIN.
Aug 25, 2023

See Details
What does it mean to encrypt a file? ›

Encrypting files, folders, and drives on your computer means that no one else can make sense of the data they contain without a particular decryption key—which in most cases is a password known only to you.

Find Out More
Does Windows encrypt files automatically? ›

Windows 10 automatically encrypts any file downloaded to the desktop or any other external drive (lock icon appears). I have to right-click the file(s), go to Properties > Advanced and uncheck "encrypt contents to secure data."

Tell Me More
Is Windows encryption safe? ›

This windows security software increases your computer's safety, so you can protect your sensitive information from incoming attacks using advanced encryption algorithms, which ensure that your files remain secure even if your computer falls into the wrong hands.

Show Me More
Can Windows access EFS? ›

Amazon (as of 2023) does not have a direct driver for EFS volumes for Windows. If you are using Net-X-Code in a cloud environment we recommend running the Linux version for direct access to the EFS volumes.

Explore More
What is the difference between EFS and BitLocker? ›

EFS -- the "encrypting file system" -- works differently. Rather than encrypting your entire drive, you use EFS to encrypt individual files and directories, one by one. Where BitLocker is a "set it and forget it" system, EFS requires you manually select the files you want to encrypt and change this setting.

Continue Reading
Does NTFS have encryption? ›

NTFS encryption is a feature that allows you to protect your files from unauthorized access by encrypting them with a unique key. In this article, you will learn how to enable and disable NTFS encryption for individual files or folders, and how to manage the encryption keys.

Show Me More

How do I encrypt and password protect a file in Windows 10? ›

Protect a document with a password
  1. Go to File > Info > Protect Document > Encrypt with Password.
  2. Type a password, then type it again to confirm it.
  3. Save the file to make sure the password takes effect.

Read The Full Story
What are two types of encryption on a Windows device? ›

This prevents unauthorized people or hackers from accessing the information. There are two main computer encryption types: full disk encryption and file-level encryption. Full Disk Encryption (FDE) or whole disk encryption protects the entire volume and all files on the drive against unauthorized access.

See Details
What is the best way to encrypt files on my computer? ›

How to encrypt files with Windows
  1. Right-click or press and hold the file or folder you want to encrypt. Select Properties.
  2. Click the Advanced… button and check the box next to Encrypt contents to secure data.
  3. Select OK to close the Advanced Attributes window and then select Apply.
  4. Click OK.
Mar 15, 2023

Get More Info Here
What is an example of file encryption? ›

Triple DES, RSA, and AES are examples of encryption algorithms, or ciphers.

Continue Reading
What files you need to encrypt? ›

The aforementioned files that you may need to encrypt encompass a range of file types, including but not limited to:
  • PDFs.
  • Excel spreadsheets.
  • Word documents.
  • Images.
  • Videos.

View More
What is the difference between Windows Encrypting File System and BitLocker? ›

Yes, Encrypting File System (EFS) can be used to encrypt files on a BitLocker-protected drive. BitLocker helps protect the entire operating system drive against offline attacks, whereas EFS can provide additional user-based file level encryption for security separation between multiple users of the same computer.

View Details
Should I encrypt system drive? ›

The Importance of Encryption

Encryption is the key to protecting the data on your hard drives. You can choose an encryption program that will make it more difficult for the thief to access the information, and prevent anyone who might find your portable drive from accessing it easily.

See More
How do I remove Windows encryption from files? ›

Decrypt Files From Properties

If you've encrypted your files with EFS, then you can easily decrypt them from the Properties section. Right-click on the encrypted file and select Properties. In the General tab, select Advanced. Now, uncheck the Encrypt contents to secure data radio box and click on OK.

Learn More
Top Articles
What is an income statement
3 Financial Reports Every CEO Should Know How To Read and Interpret
Expansion Of Duties Permit Ffxiv
Best Sleeper Wide Receivers
Latest Posts
Why Credit Scores May Drop After Paying Off Debt | Equifax
What does accounts receivable mean and how does it work? | unbiased.co.uk
Article information

Author: Edwin Metz

Last Updated:

Views: 5882

Rating: 4.8 / 5 (78 voted)

Reviews: 93% of readers found this page helpful

Author information

Name: Edwin Metz

Birthday: 1997-04-16

Address: 51593 Leanne Light, Kuphalmouth, DE 50012-5183

Phone: +639107620957

Job: Corporate Banking Technician

Hobby: Reading, scrapbook, role-playing games, Fishing, Fishing, Scuba diving, Beekeeping

Introduction: My name is Edwin Metz, I am a fair, energetic, helpful, brave, outstanding, nice, helpful person who loves writing and wants to share my knowledge and understanding with you.