How to Use EFS to Encrypt Files and Folders in Windows

How to Use EFS to Encrypt Files and Folders in Windows

One of the lesser known features of Windows is the Encrypted File System (EFS). The EFS allows you to quickly encrypt files and folders in the Windows system of your choice using your own user account. Since the files are being encrypted using the password of the Windows user account, other users on your system, including the administrator, cannot open, move, or modify the file and folders. This encryption system is helpful if you have files that are not so important but don’t want other users on your system to see them.

EFS is completely different from BitLocker; it is not as secure as BitLocker or other encryption software. This is because anyone with access to your user account can easily access the files and folders without the need for any extra password or authentication.

Note: you cannot encrypt entire drives or partitions using the EFS. It only works with files and folders.

Encrypting files and folders using EFS is very easy. All you have to do is select a checkbox and back up the security certificate. To start, select the folder you want to encrypt with EFS, right-click on it and select the option “Properties.”

win-efs-select-folder-properties

Once the Folder Properties window has been opened, click on the “Advanced” button on the General tab.

win-efs-click-advanced-button

This action opens the Advanced Properties window. Select the “Encrypt contents to secure data” checkbox and click on the “OK” button.

win-efs-select-encrypt-contents

You need to confirm the attribute changes. Simply select the “Apply changes to this folder, subfolders, and files” radio button, and click on the “OK” button.

win-efs-select-apply-changes-to-all

As a visual indicator that you have successfuly encrypted the select files and folders with EFS, you will see a lock icon over all the encrypted files and folders.

win-efs-files-encrypted

Once you are done encrypting, Windows will prompt you to back up the encryption key so that you can decrypt the files and folders if you ever lose access to your user account. Find the backup icon in the taskbar and double-click on it.

win-efs-open-backup-wizard

This action will open the EFS Backup Dialog box. Select the option “Backup Now.”

win-efs-select-backup-option

As soon as you click on the option, the Certificate Wizard will open. Here click on the “Next” button to continue.

win-efs-wizard-main-window

In this window make sure that the options are selected as shown in the image, and click on the “Next” button.

win-efs-select-certificate-format

Now, select the “Password” checkbox, enter a strong password and click on the “Next” button to continue.

win-efs-enter-password

Click on the “Browse” button, and select where you want to save the certificate. On the main window click “Next” to continue.

win-efs-select-file-name-destination

Finally, Windows shows you a gist of all the settings you just performed. Review them and click on the “Finish” button.

win-efs-review-export-settings

Once the procedure has finished, you will receive a message letting you know the same. As I said before, this file is very important as it lets you decrypt your files and folders if you lose access to your Windows user account. Make sure that you’ve stored the certificate in a safe place.

win-efs-export-completed

After you are done encrypting the files, no user on your system can open your files, not even the administrator. If they try to they will receive a message similar to the one depicted below.

win-efs-file-access-denied

Moreover, they can’t even move or copy the files. If they try to do so, they will see an error message similar to the one depicted below.

win-efs-file-move-access-denied

Again, this is not the most secure way to encrypt your important or confidential files, but it is a good alternative for general usage. In the case you have confidential or important files, you are better of with BitLocker or other encryption software.

Do comment below sharing your thoughts and experiences about using your files and folder with EFS.

6 comments

  1. it does not work on w7. encrypt contents to secure data box is grayed out and does not allow it to be checked.

  2. Joe

    Would this make ransomware more difficult?

    No it will certainly not..!! ransomware is affecting the entire system files or in the best situation only your personal data BUT if they are protected like this it will encrypt them twice and you want be able to open them . Besides some ransomware are using directives to your hard drive and locking up sectors . ! All of these actions are performing with your account. So where is difficulty???

  3. The only solution is to backup …backup …backup …backup… people …backup your data .!

    I say this : Jesus SAVES but God takes BACKUP.

    Have a nice day.

  4. Apparently I did this on some files for privacy. Now…the computer died 2 weeks ago…JUST got it back up and running off back ups and re-imaging…and all these files w/the yellow padlock in the top right of the thumbnail will NOT allow me access to them…but there is no wizard to run or any kind of decryption icon in the upper menu bar that I can see…Please help. need to recover and be able to access these files.

  5. Complete nonsense and not encryption, I went under another user and quietly deleted the folder on which was efs

Comments are closed.

Sponsored Stories