I've lost access to my encrypted files

I have an account on Windows Server 2008 R2, which at the moment I am using as a desktop.

I had certain files encrypted under a standard user account.

I changed my password, and then lost power without logging off. After logging in again I was no longer able to access those files. Changing the password back to the original did not help.

I have imported my backup certificate to the personal store with the correct password, although this did not grant me access.

What can I do?

edit: Is this because I did not backup my certificate/key after changing my password? Have I now lost access?

Jake

Posted 2012-08-17T18:24:15.390

Reputation: 113

What password did you change? Your Windows account password? How are you determining that you can't access the files? Are you getting a specific error? – Der Hochstapler – 2012-08-17T22:57:01.713

1@OliverSalzburg Yes, I changed my windows account password. I get an Access Denied error when trying to access files I formerly could. – Jake – 2012-08-17T23:49:14.217

Answers

Unfortunately, Windows is doing its job by denying you access with your old key :/ Windows requires a new key with a new password when it encrypts so someone with an old key gets locked out, just like a dead bolt.

Canadian Luke

Posted 2012-08-17T18:24:15.390

Reputation: 22 162

1Luke, so it is true that windows will generate a new key from a new password? Going back to the old password would not work? I am surprised there was no prompt to backup my cert after changing my password. I'm also surprised That my files did not have to be re-encrypetd, as the initial encryption took about an hour. As that did not seem to take place this time unless it was behind the scenes, is there any way I can recover ? – Jake – 2012-08-17T21:38:00.267

Also do you have any source for this, as I am finding conflicting things in my research. A statement from MS saying as much would be awesome. – Jake – 2012-08-17T21:41:21.070

Generating a new key is the easy part, which is why it happened very quick. Because you don't have the original new key, however, windows won't generate a new key you can use by just changing your password. It's very easy to remove passwords, so they had to separate the system from the efs – Canadian Luke – 2012-08-17T22:11:45.577

So reverting to my original password and using that key won't work, why not? – Jake – 2012-08-17T22:15:17.427

2Because passwords get salted before hashed. What this means is that a password of 12345678 one day is going to be hashed differently then 12345678 on another day. Because it will never hash the same password twice, once you change a password, the key must change with it to prove you are the current owner, not someone breaking in – Canadian Luke – 2012-08-17T22:42:15.493

3I kind of figured that, but damn. I can't believe that simply by changing my password and logging on again I lost access to all my files. That seems like a poor design. I'm just glad I know the importance of regular backups. – Jake – 2012-08-18T00:59:16.750

I realize it's only one person, but whoever downvoted... Is there a reason? – Canadian Luke – 2013-02-07T23:42:24.027

2Working encryption is designed to cause total data loss upon losing the key. Working as designed. So, if you're going to implement it, either have non-encrypted backups stored in a safe place or check out what mechanisms have been provided to back up and restore the keys so that you don't lose access. – Fiasco Labs – 2013-09-06T05:28:42.253

I misread your question - missing completely on that you had ABRUPT loss of power. This could mean any variation of possibilities, but corrupt file may be one of the big reason. This is exactly it happened to me when an encrypted excel file could not be rescued after a hard drive crash.

Have you give a try to password remover for your file type? (e.g.Elcomsoft's Word Password Remover, Excel ....?) Cost of password remover offsets the value of the data file, IMO.

Running out of ideas.

C2940680

Posted 2012-08-17T18:24:15.390

Reputation: 775

5The files are encrypted with EFS, a password remover thing won't help.... – Jake – 2012-08-17T22:04:17.243