How To Encrypt a File in Windows XP (307877)
The information in this article applies to:
- Microsoft Windows XP Professional
This article was previously published under Q307877 SUMMARY
This article describes how to use the Windows XP Encrypting File System (EFS) feature to store files in an encrypted format on your hard disk.
Encryption is the process of converting data into a format that cannot be read by others. You can use EFS to automatically encrypt your data when it is stored on the hard disk.
The EFS feature is not included in Microsoft Windows XP Home Edition.
back to the top
How to Encrypt a File
You can encrypt files only on volumes that are formatted with the NTFS file system. To encrypt a file:
- Click Start, point to All Programs, point to
Accessories, and then click Windows Explorer.
- Locate the file that you want, right-click the file, and then click
Properties.
- On the General tab, click Advanced.
- Under Compress or Encrypt attributes, select the
Encrypt contents to secure data check box, and then
click OK.
- Click OK. If the file is located in an unencrypted folder, you
receive an Encryption Warning dialog box. Use one of the
following steps:
- If you want to encrypt only the file, click Encrypt the file only, and then click OK.
- If you want to encrypt the file and the folder in which it is
located, click Encrypt the file and the parent
folder, and then click OK.
If another user attempts to open an encrypted file, that user is unable to do so. For example, if another user attempts to open an encrypted Microsoft Word document, that user receives a message similar to:
Word cannot open the document: username does not have access privileges
(drive:\filename.doc)
If another user attempts to copy or move an encrypted document to another location on the hard disk, the following message appears:
Error Copying File or Folder
Cannot copy filename: Access is denied.
Make sure the disk is not full or write-protected and that the file is not currently in use.
back to the top
Troubleshooting- You cannot encrypt files or folders on a volume that uses the FAT
file system.
You must store the files or folders that you want to encrypt on NTFS
volumes.
- You cannot store encrypted files or folders on a remote server
that is not trusted for delegation.
To resolve this issue, configure the remote server as being trusted
for delegation. To do this:
- Log on to a domain controller with an account with
administrator privileges.
- Start the Active Directory Users and Computers snap-in.
- In the left pane, expand the domain container. Locate the
server you want, right-click it, and then click Properties.
- On the General tab, select the Trust
computer for delegation check box (if it is not already
selected). Click OK to respond to the "Active Directory"
message that appears.
- Click OK, and then quit Active Directory Users and
Computers.
- You cannot gain access to encrypted files from Macintosh client
computers.
- You cannot open documents that were stored by others in an
encrypted folder that you created.
If another user creates a document in an encrypted folder, that
document is encrypted allowing (by default) only that user to gain
access. Because of this, a folder that you encrypt may contain files
that you are unable to open. If you require access to these files,
request that your user account be added to the list of users with
whom the encrypted files are shared.
back to the top
REFERENCESFor additional information, click the article number below
to view the article in the Microsoft Knowledge Base:
223316 Best Practices for Encrypting File System
For additional information about using file encryption in Windows XP, click the article numbers below
to view the articles in the Microsoft Knowledge Base:
308989 How To Encrypt a Folder
308991 How To Share Access to an Encrypted File
308993 How To Remove File Encryption
| Modification Type: | Minor | Last Reviewed: | 7/14/2004 |
|---|
| Keywords: | kbhowto kbHOWTOmaster KB307877 kbAudITPro |
|---|
|