Windows Vista introduces many new features for EFS (some of which have been discussed earlier in this chapter). The new features include:
User EFS encryption certificates and keys can be stored on smart cards.
EFS data recovery certificates and keys can be stored on smart cards.
The Windows paging file can be encrypted using EFS with a key that is generated when the system starts up. This key is destroyed when the system shuts down.
Data in the offline files cache is encrypted using the specific user’s encryption keys, rather than a machine-based system key. This prevents one user from accessing another user’s data in the offline files cache.
The biggest improvement in EFS is the ability to manage default ...