2

I have some files on my laptop that were accidentally encrypted, I think by Visual Studio. I didn't even know that was possible. Anyway, the way I discovered they were encrypted was that I changed my password and thus could no longer access said files. I could not take ownership of them and running cypher /u did not work either. Found out all this after running chkdisk and virus scan and various other tools to make sure the files weren't corrupted (see: 6 hours of my life).

If I go into the properties for the encryption it shows me there's a recovery policy with a specified user and thumbprint. Can I install that user's certificate and then perform the decryption? Or does the user actually need to log in and do it?

Operating System: Windows 7

Encryption method: EFS

Matt
  • 123
  • 3

1 Answers1

3

If settings are default (ie, not using reversible encryption for password storage), then the user would have to log in to decrypt. In fact, if the user was ever to have their password administratively changed, then the files would become unrecoverable as the key would be lost.

AJ Henderson
  • 41,816
  • 5
  • 63
  • 110
  • 2
    Technically the *key* isn't lost; it's in the master header. However, the master header is encrypted with a key derived from a password. This is how multiple users can have access to one encrypted file. – Polynomial Dec 11 '12 at 19:56