Before you start
Objectives: learn how to manage encryption of files in XP system.
Prerequisites: you have to know what is Encrypting File System in Windows.
Key terms: enyrypted, file, folder, key, ntfs, recovery, agent, attribute, certificate, fek, user, access
Encrypting a File or Folder
Encryption protects the contents of the file saved on an NTFS partition. Let’s encrypt a folder. To do that we have to right click a particular folder, go to it’s properties, and then click on the ‘Advanced’ button in the ‘General’ tab. In our case we will encrypt the ‘Confidential’ folder on our E partition.
Image 246.1 – Advanced Attributes
Here we can select to ‘Encrypt contents to secure data‘ option. Click OK to confirm, and then click OK again. Now we are given a choice to apply changes to this folder only, or we can encrypt this folder, all subfolders, and all files in the subfolders. In our example we will select the default option and click OK.
Image 246.2 – Confirmation
We can configure Windows to show encrypted files and compressed files in a different color. To do that go to the Tools menu, select ‘Folder Options’, go to the ‘View’ tab, scroll down, select ‘Show encrypted or compressed NTFS files in color’ and click OK. Notice that our encrypted files are now shown in different color.
Image 246.3 – Encrypted Folder
Normally, encrypted files can only be opened by the user who encrypted the files, or by the designated recovery agent. In Windows XP we have the ability to identify additional users who can open the encrypted file. To allow additional users to open an encrypted file, open the properties of the file, click ‘Advanced’, and then click ‘Details’. In our example, we will select the ‘Reckoning.doc’ file which is located in the ‘Confidential’ folder.
Image 246.4 – Details
The box at the top shows the list of users who can access the file. Notice that only the Administrator has the access to the file. Data Recovery Agents are not defined in our case. To add additional users, we will click the ‘Add’ button, and select them from the list. This list only shows users with valid certificates. If the user is not listed, that means the user simply doesn’t have a valid certificate. Let’s add Kim Verson.
Image 246.5 – Adding Kim Verson
Image 246.6 – Final List
Click OK, and click OK again to finish.
In XP we can encrypt files and folders by checking the ‘Encrypt contents to secure data’ option, in file/folder properties. We can configure Windows to show encrypted files and compressed files in a different color. Normally, encrypted files can only be opened by the user who encrypted the files, or by the designated recovery agent. We can also identify additional users who can open the encrypted file.