Encrypting Files and Directories in Windows 2000

Encrypting Files and Directories in Windows 2000

Windows 2000 is equipped with the latest version of the NTFS file system, NTFS version 5, and with this latest version, you can encrypt individual files or entire directories while in Windows 2000 Explorer or from a command prompt.

Here’s how

  1. Open Windows Explorer
  2. Locate the file or folder you wish to encrypt
  3. Right-click the file or folder, and then select Properties, and then click Advanced.
  4. Under the Compress or Encrypt attributes section, check the “Encrypt contents to secure data” box.

    Note: It is extremely important that you backup your encryption key and keep it in a safe place in case your system crashes and you need to recover your data. Without this key, recovering the encrypted data is all but impossible!

Let’s review the command line version of the encryption dialog.

  1. Open a Command Prompt
  2. Navigate to the folder of your choice
  3. Next, type “cipher” at the command prompt to get a report on the encryption status of all objects in the current directory.

The cipher command will let you encrypt entire trees of folders and files. You can also un-encrypt files or re-encrypt currently encrypted files.

Typing “cipher /?” at the Command Prompt returns the following:

Displays or alters the encryption of directories [files] on NTFS partitions.
 CIPHER [/E | /D] [/S:dir] [/A] [/I] [/F] [/Q] [/H] [/K] [pathname [...]] /E Encrypts the specified directories. Directories will be marked so that files added afterward will be encrypted. /D Decrypts the specified directories. Directories will be marked so that files added afterward will not be encrypted. /S Performs the specified operation on directories in the given directory and all subdirectories. /A Operation for files as well as directories. The encrypted file could become decrypted when it is modified if the parent directory is not encrypted. It is recommended that you encrypt the file and the parent directory. /I Continues performing the specified operation even after errors have occurred. By default, CIPHER stops when an error is encountered. /F Forces the encryption operation on all specified objects, even those which are already encrypted. Already-encrypted objects are skipped by default. /Q Reports only the most essential information. /H Displays files with the hidden or system attributes. These files are omitted by default. /K Creates a new file encryption key for the user running CIPHER. If this option is chosen, all the other options will be ignored. pathname Specifies a pattern, file or directory. Used without parameters, CIPHER displays the encryption state of the current directory and any files it contains. You may use multiple directory names and wildcards. You must put paces between multiple parameters.

If used correctly, with some precautions, including backing up your “key”, cypher can be a powerful and useful command line tool for protecting files and directories. Its use is worthwhile if you have a need for the Windows 2000 Encrypting File System (EFS).

About Dewwa Socc