Encrypting File System (EFS) is a feature of Windows that you can use to store information on your hard disk in an encrypted format. If you encrypt files and folders on your PC, you need a way to recover that data in case something happens to the encryption key. If your encryption key is lost or damaged and you don’t have a way to recover your data, the data is lost. So taking a back up of your EFS certificates is an important task.
How to Backup EFS certificates?
There are two methods to manage and back up certificates.
1. Using the Certification Manager: Open the Run command and type certmgr.msc and press enter. This will open the certification manager in Windows 7. In the left pane, double-click Personal and click Certificates. In the main pane, click the certificate that lists Encrypting File System under Intended Purposes. Click the Action menu, point to All Tasks, and then click Export.
In the Certificate Export wizard click Yes, export the private key, and then click Next. Select Personal Information Exchange, and then click Next. You can type a password to use it and confirm it. Type a name for the file and select a location to save and then click Save. Click finish to get the back up of EFS certificates.
2. Second method is to use the Manage file encryption certificates wizard. To back up, open run command and type ReKeyWiz.exe and press enter. You can see the window to manage certificates. Using this tool you can create, backup and also updates files with new certificates. The wizard is self explanatory, you can see the images below.
In case you have made changes to your certificates, it is advisable to update all your encrypted files with the new certificate.
Things to Note:
- EFS is not fully supported on Windows 7 Starter, Windows 7 Home Basic, and Windows 7 Home Premium.
- Keep the back up file in safe location, so that in case the EFS is missing or corrupted, you can always restore the back up.
- In case you are not able to see any certificates for back up, just encrypt any files using the properties window and encryption certificate is automatically created by Windows.
If Your looking for a easy way to remove your old password, http://www.recoverwindowspasswords.com now has a program that reset its for you in a breeze.
So then how do you get the key or certificate if you have Windows 7 Home Premium?
Every instruction I find brags how it supports encryption, yet with a disclaimer that it doesn’t support the key or certificate export….What sense does that make? If I can’t get to the decryption stuff then why make it have EFS?