Solved: how to encrypt on Win7

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

pcguy9441

Thread Starter
Joined
Apr 16, 2007
Messages
616
I'll probably slap myself up side the head with a "duh" when I get the answer to this, but here goes anyway...

How do you encrypt files/folders on Win 7/64 bit Pro

I followed the instructions, clicked encrypt, it did something. It never prompted for a password, sent the encryption key I have no idea where.

Googling for "where is the encryption key" I found it using the certmgr.msc app, but on export, it again went I have no idea where. How to I get into my folder with out the key? But wait... the files open anyway with no key nor password, it's not encrypted! It never asked me to create a password. I'm missing something here.

I watched the MS video but it's of no help at all. It told me how to do what I'd already done.

I'm used to using TrueCrypt which wants a password and when encrypted, you have an impenetrable file/folder that can't be cracked.

Please help me out here,

Thanks.
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,429
Did you use the built-in Windows encryption method (which, I believe, is only available with Pro and Ultimate versions)?

If so, a "certificate" is created and you can easily and seamlessly access the files when logged into the same account. Try to access the files from another account--after reinstalling Windows, for example--and you will find that they are quite well encrypted. If using this method, and don't have an unencrypted copy, before you lose access to your current account you must backup this certificate. I'd probably make two copies--one to CD or DVD and one to USB flash drive. See Back up Encrypting File System (EFS) certificate.
 

pcguy9441

Thread Starter
Joined
Apr 16, 2007
Messages
616
OK, I get it. Yes, I did use the built-in Win7 Pro encryption.

I was operating from the wrong definition of "encryption". Coming from TruCrypt, I expected the newly encrypted files to be wrapped in an encrypted container that was impenetrable even from my account without logging in with a password. The seamless access after encryption is welcomed since lately it's taken 8-10 tries to get into TruCrypt for some reason-thus my desire to change, but this forces me to change my rather low security MO. TruCrypt, which dates from the XP days, is no longer supported and has vulnerabilities that will never be fixed. You probably know all this.

I'm the only user of my machine and have only 2 accts. admin and me. My personal acct has admin privileges, so I in fact never use the admin acct. I know, it's not recommended that the day-to-day acct. have admin priv. in order to thwart hackers and malware, so I've been living on the edge, but I do run Bitdefender and MBAM daily. There is a visitor acct, but it's never used. No accounts have a password and I leave the PC on 14 hrs a day or asleep at night, so there's the risk.

An intruder could get to my encrypted stuff, or anyone who steals my PC (it is secured with a heavy steal cable however-once burned twice shy).

So, the premise is that if my log-in account is password protected, the encryption is secure, right?

However, in XP days and before, it was fairly easy to crack a password. I did it once or twice. Has that changed with Win 7?

Thanks!
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,429
Yes, I know the bad news about TrueCrypt but continue to use it anyhow for my most sensitive files.

As far as I know a Windows 7 login password is no harder to crack than an XP one. I believe that if the password is at least about eight characters and truly a random mix of lower case, upper case and digits the time to crack it makes it unlikely that anyone will bother unless there is reason to believe that something really valuable can be stolen.

As far as the type of "Windows Pro" encryption you are now using I have never heard of it being broken.
 

pcguy9441

Thread Starter
Joined
Apr 16, 2007
Messages
616
Ok, when I said "cracked" I did'n't mean what hackers do today with brute force algorithms where a computer cracks the password, but rather a backdoor method that bypassed Windows somehow and allowed you to null out the password. You did not find out what was, you just made it go away then rebooted normally and you were in. I totally forget how it worked w/o digging thru some notes, but I think it involved booting from a floppy and running a special app in DOS mode. I did it once or twice just for drill. I have never looked at a Win7 version of this and don't have the problems I did in the Win98/XP days, so no motivation to play with it.

I should enable a password just to be safe.

Thanks.
 
Joined
Sep 21, 2007
Messages
13,866
Make sure nobody get's physical access to the PC, lock the door to the room where the PC is with a dead bolt.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
If you null out or change the password on an encrypted W7/W8 computer all files remain encrypted
You have to change the password from within the account ( which means knowing the existing password and logging in via that account with admin privileges in order to change it)
When you change from another account or using one of the password reset discs, you lose access totally to all encrypted files
So provided your log in password is secure and not easily guessed, AND you are logged off and you require a password to log into windows EVERTYTIME, then your encrypted files are as safe as they can be
 

pcguy9441

Thread Starter
Joined
Apr 16, 2007
Messages
616
dvk01, that's very reassuring. I'm sold!

With TruCrpt, it's been a big pain to log in each time, especially since for some reason, I've had to do it 8-9-10 times in a row lately to get in. I have no idea what's going on there and it's not a typo thing since I had checked the box that allows display as I type.

On locking the door with a dead bolt, I considered going one step further and encasing the PC in a 400lb cube of concrete with ventilation holes. Let them try to haul that away.

Thanks for all the input!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top