The Encrypting File System

One of the single largest improvements in Windows XP over Windows 2000 is in the area of the Encrypting File System. EFS in Windows XP provides the following new features:

  • More than one user can be allowed access to an encrypted file.

  • Offline files can now be encrypted.

  • Data Recovery Agents (DRAs) are not required, but still recommended.

  • The triple-DES (3DES) encryption algorithm is available, replacing the DESX algorithm.

  • A password reset disk can be used to reset a user's password.

  • Encrypted files can be stored in Web folders.

NOTE

Remember that in order to use EFS encryption, you must using the NTFS file system on your hard drive.

EFS works by using a public-private key pair for each user and a per-file encryption key ...

Get Platinum Edition Using® Microsoft® Windows® XP now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.