Encryption in XP

Spread the love

Before you start

Objectives: learn how to manage encryption of files in XP system.

Prerequisites: you have to know what is Encrypting File System in Windows.

Key terms: enyrypted, file, folder, key, ntfs, recovery, agent, attribute, certificate, fek, user, access


Encrypting a File or Folder

Encryption protects the contents of the file saved on an NTFS partition. Let’s encrypt a folder. To do that we have to right click a particular folder, go to it’s properties, and then click on the ‘Advanced’ button in the ‘General’ tab. In our case we will encrypt the ‘Confidential’ folder on our E partition.

Advanced Attributes

Image 246.1 – Advanced Attributes

Here we can select to ‘Encrypt contents to secure data‘ option. Click OK to confirm, and then click OK again. Now we are given a choice to apply changes to this folder only, or we can encrypt this folder, all subfolders, and all files in the subfolders. In our example we will select the default option and click OK.

 Confirmation

Image 246.2 – Confirmation

We can configure Windows to show encrypted files and compressed files in a different color. To do that go to the Tools menu, select ‘Folder Options’, go to the ‘View’ tab, scroll down, select ‘Show encrypted or compressed NTFS files in color’ and click OK. Notice that our encrypted files are now shown in different color.

 Encrypted Folder

Image 246.3 – Encrypted Folder

Normally, encrypted files can only be opened by the user who encrypted the files, or by the designated recovery agent. In Windows XP we have the ability to identify additional users who can open the encrypted file. To allow additional users to open an encrypted file, open the properties of the file, click ‘Advanced’, and then click ‘Details’. In our example, we will select the ‘Reckoning.doc’ file which is located in the ‘Confidential’ folder.

Details

Image 246.4 – Details

The box at the top shows the list of users who can access the file. Notice that only the Administrator has the access to the file. Data Recovery Agents are not defined in our case. To add additional users, we will click the ‘Add’ button, and select them from the list. This list only shows users with valid certificates. If the user is not listed, that means the user simply doesn’t have a valid certificate. Let’s add Kim Verson.

 Adding Kim Verson

Image 246.5 – Adding Kim Verson

Final List

Image 246.6 – Final List

Click OK, and click OK again to finish.

Remember

In XP we can encrypt files and folders by checking the ‘Encrypt contents to secure data’ option, in file/folder properties. We can configure Windows to show encrypted files and compressed files in a different color. Normally, encrypted files can only be opened by the user who encrypted the files, or by the designated recovery agent. We can also identify additional users who can open the encrypted file.

Author: cicnavi