USING "ENCRYPTING FILE SYSTEM" TO PROTECT
Web location for this
presentation:
http://aztcs.org
Click on
SUMMARY
Many of the "editions" of
"Windows 2000", "Windows
XP", "Windows Vista",
"Windows 7", and "Windows 8"
have the "Encrypting File
TOPICS
• Basics of Encrypting File System
• "EFS" versus "BitLocker"
• "Encrypting File System" Service
• Using the "Certificate Manager" to Check for Existing Personal "Public Key Certificates"
• Encrypting A File or Folder with EFS
• Using the "Certificate Manager" to
• .PFX "Personal Information Exchange" files
• Decrypting an EFS-encrypted file/folder
• Deleted Certificates Stay in RAM And
BASICS OF EFS
• The "Encrypting File System"
(EFS) is a feature of "NTFS"
hard drives (and partitions)
for many editions of
• When viewed in "Windows
Explorer" ("File Explorer"), a
folder that contains only
"Encrypting File
• When viewed in "Windows
Explorer" ("File Explorer"),
a file that is encrypted by
"Encrypting File System"
will have its name in
• Another user on the same computer will be unable to open/view the EFS-protected file.
• If someone takes your hard drive,
and puts it into an external hard drive enclosure and attaches the
enclosure to their own computer,
• "EFS" is a feature of "NTFS"
hard drives (and partitions)
for many editions of
• In EFS, "public key
certificates", "private keys",
and passwords to control the
various keys all work together
to give you "two factor
• The advantages of having
certificates are detailed in
• According to
http://en.wikipedia.org/wiki/Encrypting_File_System, Encrypting
File System (EFS) is available
for the following editions of
• "Windows Vista Starter", "..Home
Basic", and "..Home Premium"
allow only decryption--so you can
read encrypted files but you
• For "Windows Vista Starter",
"..Home Basic", and "..Home
Premium" you can decrypt
EFS-encrypted files using the cipher
command line command. See
http://windows.microsoft.com/is-
• "Windows 7 Starter", "..Home
Basic", and "..Home Premium"
allow only decryption--so you can
read encrypted files but you not
• For "Windows 7 Starter", "..Home
Basic", and "..Home Premium"
• "Encrypting File System" is also
available for NTFS drives/partitions for the "..Pro" and "..Enterprise"
editions of "Windows 8".
• "Encrypting File System" will not be available for the "..RT" or "Windows 8" editions of "Windows 8".
• Reference:
"EFS" VERSUS "BITLOCKER"
• "BitLocker" is used to encrypt entire hard drives or hard drive partitions while "Encrypting File System" is used to encrypt individual data files and/or folders
• "EFS" causes less of a
• See
"ENCRYPTING FILE SYSTEM" SERVICE MUST BE SET TO "MANUAL" OR "AUTOMATIC"
• In order to encrypt or decrypt a
file or folder, the "Encrypting
File System" service has to be
set to "Manual" or "Automatic":
You can run services.msc from
• Step 1: Click on the "Start"
button in versions of "Windows"
prior to "..8" or, for "Windows
8..", hover over the lower-left
"Hot Corner" and use the
RIGHT mouse button to click on "Run"
in the pop-up "Power User
• Step 2: Type in
services.msc
• Step 5: Use the vertical scroll bar
on the right to scroll downward until you locate the "Encrypting File
System" service.
• Step 6: Use your RIGHT mouse button to click on it.
• Step 9: A "Properties" dialog box will be displayed.
• Step 10: Make sure that "Startup type" is set to "Manual" or "Automatic". "Manual" is preferable.
• Step 11: Click on the "Apply" button
• Step 12: Close the "Properties" dialog box.
• Step 13: Close the "Services"
USING THE "CERTIFICATE MANAGER" TO CHECK FOR EXISTING PERSONAL
"PUBLIC KEY CERTIFICATES"
• Step 1: Click on the "Start" button in versions of "Windows" prior to "..8" or, for "Windows 8..", hover over the lower-left "Hot Corner" and use the RIGHT mouse button to click on "Run" in the pop-up "Power User Context
• Step 2: Use the right mouse button to click on "cmd.exe" in versions of "Windows" prior to "..8" or, for
"Windows 8..", use the left mouse button to click on "Command
• Step 3: Use the left mouse button to click on "Run as administrator" in
versions of "Windows" prior to "..8" or, for "Windows 8..", use the left
mouse button to click on the "Yes"
• Step 5: Inside the command prompt window, type in certmgr.msc
• Step 7: A "certmgr" Microsoft
• Step 8: Double-click on the
• Step 9: Double-click on
• Step 10: Note that you presently
ENCRYPTING A FILE OR FOLDER WITH "ENCRYPTING FILE SYSTEM"
• Step 1: Start "Windows
Explorer" ("File Explorer").
• Step 3: Use the RIGHT mouse
to click on it.
• Step 4: A pop-up context menu
will be displayed.
• Step 6: A "..Properties" dialog
box will be displayed.
• Step 8: An "Advanced
• Step 9: Put in a checkmark for
"Encrypt contents to secure
data".
• Step 10: Click on the "OK"
button:
• Step 11: The "Advanced
• Step 12: Click on the "Apply"
button of the "..Properties"
• Step 14: Click on the "Continue"
button of the "Access Denied"
• Step 15: The "Access Denied"
box will disappear.
• Step 16: The file name(s) of the newly-encrypted file(s) will now be displayed in a green font to indicate that the file(s) is/are
USING THE "CERTIFICATE MANAGER" TO EXPORT A NEWLY-CREATED
"PUBLIC KEY" AND "PRIVATE KEY"
• Step 1: Click on the "Start" button in versions of "Windows" prior to "..8" or, for "Windows 8..", hover over the lower-left "Hot Corner" and use the RIGHT mouse button to click on "Run" in the pop-up "Power User Context
• Step 2: Use the right mouse button to click on "cmd.exe" in versions of "Windows" prior to "..8" or, for
"Windows 8..", use the left mouse button to click on "Command
• Step 3: Use the left mouse button to click on "Run as administrator" in
versions of "Windows" prior to "..8" or, for "Windows 8..", use the left
mouse button to click on the "Yes"
• Step 5: Inside the command prompt window, type in certmgr.msc
• Step 7: A "certmgr" Microsoft
• Step 8: Double-click on the
• Step 9: Double-click on
• Step 10: Note that you now have a newly-created "Public Key
Certificate" in the "Certificates"
• Step 11: Note that you now have a newly-created "Public Key
Certificate" in the "Certificates"
• Step 12: Use the RIGHT mouse
• Step 15: A "Certificate Export Wizard" dialog box will be
displayed.
• Step 17: Select the "Yes, export the private key" option.
• Step 21: Type in a password and record it somewhere in a secure
• Step 22: Type in the same password again.
• Step 26: When you arrive at the desired location for the .PFX file, type in a name for the .PFX file.
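
The GUI steps above (service startup type, certificate check, encryption, .PFX export) can also be run from PowerShell. This is an added example, not part of the original presentation; it assumes Windows 8 or later (for `Export-PfxCertificate`), and the folder and .PFX paths are hypothetical.

```powershell
# Added example: scripted equivalent of the GUI steps. Not from the presentation.
# $Target and $PfxPath are hypothetical paths; change them before running.
$Target    = Join-Path $env:USERPROFILE 'Documents\Private'
$PfxPath   = Join-Path $env:USERPROFILE 'efs-backup.pfx'
$EfsEkuOid = '1.3.6.1.4.1.311.10.3.4'   # "Encrypting File System" enhanced key usage

function Get-EfsCertificate {
    # Personal certificates that carry the EFS usage and have a private key.
    Get-ChildItem Cert:\CurrentUser\My | Where-Object {
        $_.HasPrivateKey -and ($_.EnhancedKeyUsageList.ObjectId -contains $EfsEkuOid)
    }
}

# 1. The "Encrypting File System" service (service name EFS) must not be disabled.
$svc = Get-CimInstance Win32_Service -Filter "Name='EFS'"
if ($svc.StartMode -eq 'Disabled') {
    Set-Service -Name EFS -StartupType Manual   # requires an elevated prompt
}

# 2. Check for existing personal EFS certificates (what certmgr.msc shows).
$before = @(Get-EfsCertificate)
"EFS certificates before encryption: $($before.Count)"

# 3. Encrypt the folder and its contents, as the "Encrypt contents to secure
#    data" checkbox does. Windows creates a certificate if none exists.
cipher.exe /e "/s:$Target"
if ($LASTEXITCODE -ne 0) { throw "cipher.exe failed with exit code $LASTEXITCODE" }

# 4. Confirm every file now carries the Encrypted attribute (green in Explorer).
$plain = Get-ChildItem $Target -Recurse -File |
    Where-Object { -not ($_.Attributes -band [IO.FileAttributes]::Encrypted) }
if ($plain) { Write-Warning "Not encrypted: $($plain.FullName -join ', ')" }

# 5. Export an EFS certificate with its private key to a password-protected
#    .PFX file. Assumption: the most recently issued one is the one in use.
$cert = Get-EfsCertificate | Sort-Object NotBefore -Descending | Select-Object -First 1
if (-not $cert) { throw 'No EFS certificate with a private key was found.' }
$pw = Read-Host -AsSecureString 'Password for the .PFX file'
Export-PfxCertificate -Cert $cert -FilePath $PfxPath -Password $pw | Out-Null
"Exported $($cert.Thumbprint) to $PfxPath"
```

Store the resulting .PFX file and its password away from the encrypted drive; without them the files cannot be opened from another account or computer.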
• .PFX file(s) = "Personal Information Exchange" files
• .PFX file(s) can be moved, copied, renamed, and e-mailed without
restrictions.
• Double-click on it to "Import"
the certificate and the private
key into any computer or
Windows user account. Then
you can open/view the
associated EFS-encrypted
data file
DECRYPTING AN
If your Windows user account or your Windows computer cannot open an EFS-encrypted file, do the following:
• Step 1: Obtain the .PFX file (from the creator/owner of the EFS-encrypted file) and double-click on the .PFX file:
• Step 2: Click on the "Next" button of the "Certificate Import Wizard":
• Step 3: Click on the "Next" button:
• Step 4: Type in the password for the .PFX file (which you should have
obtained from the creator/owner of the EFS-encrypted data file):
• Step 5: Select the "Mark this key as exportable" option.
• Step 6: Click on the "Next" button:
• Step 7: Click on the "Next" button:
• Step 8: Click on the "Finish" button:
• Step 9: Click on the "OK" button:
• Step 10: If your EFS-encrypted files are inside an EFS-encrypted folder, double-click on the folder to open it:
• Step 11: Double-click on the EFS-encrypted data file to open it:
• Step 12: The EFS-encrypted data file will open with its default
associated software application program ("app"):
DELETED CERTIFICATES STAY IN RAM UNTIL YOU RE-BOOT
• If you run certmgr.msc to delete
a certificate from your
computer's hard drive, the
certificate will stay active in
OPTIONS IN "ACRONIS TRUE IMAGE.." FOR BACKING UP HARD DRIVES THAT
CONTAIN EFS-ENCRYPTED FILES