Re: EFS encrypted files
- From: Technobard <bardlee@xxxxxxxxxxx>
- Date: Thu, 10 Jan 2008 14:02:47 -0800 (PST)
Are you part of a domain?
In Windows XP and beyond, the user's RSA private key is backed up
using an offline public key whose matching private key is stored in
one of two places: the password reset disk (if Windows XP is not a
member of a domain) or in the Active Directory (if Windows XP is a
member of a domain).
Files encrypted with EFS can only be decrypted by using the RSA
private key(s) matching the previously-used public key(s). The stored
copy of the user's private key is ultimately protected by the user's
logon password. Accessing encrypted files from outside Windows with
other operating systems (Linux, for example, or even another instance
of Windows) is not possible -- not least of which because there is
currently no third party EFS component driver. Further, using special
tools to reset the user's login password will render it impossible to
decrypt the user's private key and thus useless for gaining access to
the user's encrypted files.
excelsior
.
- Prev by Date: Re: Disappearing Mapped Drives
- Next by Date: Re: EFS encrypted files
- Previous by thread: Crypting and protecting a folder in an USB Drive
- Next by thread: Re: EFS encrypted files
- Index(es):
Relevant Pages
|
