If you are a Windows user who shares your PC with multiple users, then it is most likely that you may want to restrict other non-admin users from accessing your files, folders or even entire partitions. In those special cases, File System Permissions are a good way to protect Windows partitions from unauthorized access or changes. So in this quick guide, let us see how to restrict other local Windows accounts from accessing your NTFS partitions.
Note: This method only applies to NTFS file system partitions. FAT and FAT32 partition do not support access control lists (access restrictions).
Before knowing how to restrict users from accessing selected NTFS partitions, let us cover a bit about basic access rights:
Full Control: Users with full control can read, write, execute, delete, modify and add files and folders. Also, they can alter file and folder permissions. Generally, this permission level is granted for admin users.
Modify: Users with Modify permissions can read, write, delete, and modify files and folders.
Read and Execute: Users with Read and Execute permissions can execute and read any file and folder, but they are not allowed to modify or delete any files or folders.
List Folder Contents: Users with List Folder Contents can only view and list contents in selected folders, but these users cannot view or execute individual files.
Read: This is the basic right you can get in Windows. Users with Read permissions can view and list all the files and folders in a directory.
Write: Users with write permissions can create or write information into files and folders but are not permitted to view any existing information.
Restrict Access to NTFS Partitions
To restrict access to a Windows account, launch the Windows Explorer by pressing “Win + E.” Right click on the drive you want to restrict access to and select “Properties” from the list of options. In my case, it is my E drive.
The above action will open the “Properties” window. Here navigate to the “Security” tab.
Now to change the permissions, click on the “Edit” button.
In this “Permissions” window, check if the username you want to restrict is listed under the “Groups or Usernames” section. If not, click on the “Add” button to add the user to the list.
Here in this window, enter the username you want to restrict and click on the “Check names” button to turn it into actual username. Once you have done that, click on the “Ok” button to continue.
The above action will add the user account to the “Groups or Usernames” list. By default, this user has “Read, List folder contents, and Read & Execute” permissions.
As we are going to completely restrict the user from accessing the selected partitions, select the username and check all the “Deny” check boxes. Once you have done that, click on the “Apply” and “Ok” buttons to apply the changes.
Note: If you want to, you can selectively allow or deny the permissions by selecting the required check boxes.
From this point on, the user won’t be able to access the restricted partitions. Whenever the user tries to access the partition, he/she will get the error message:
That’s all there is to do and it is that simple to restrict users from accessing selected NTFS partitions. Hopefully that helps, and do comment below on how you are using these NTFS permissions in your Windows environment or if you face any problems while setting up NTFS permissions.