There are many articles out there stating that a user's encrypted files are lost after an administrator resets the password of that user.
I tried:
- Logged on as user (Domain User) with password 54321
- created a file named test.txt on the desktop
- encrypted the file using EFS (The certificate was automatically generated)
- logged off and logged on as Administrator.
- opened Active Directory Users and Computers, reset the password of user to 12345
- logged off and logged on as user
- tried to open the file test.txt and it could be opened, which is not exactly what I expected
Is this expected behaviour? According to this post, user should not be able to read their encrypted files anymore.
Can anyone explain to me why the post and the actual behavior on my system differ?