Enable or disable EFS

EFS, available in both Windows 2000 and XP Professional, enables users to secure data on a hard drive using public key encryption. Even if an attacker gains access to data on a hard drive, files on the drive that have been encrypted are useless without the decryption key. This feature is great for laptop users and organizations that need to further secure highly sensitive data. Files can be encrypted individually or a folder can be designated as encrypted so that any file written to that folder is automatically encrypted. IT only works with an NTFS partition, but when enabled, EFS is transparent to the user.

But EFS may not be appropriate for your situation, and in that case, you may want to disable it. Or you may have disabled it (or someone else did) and you want it back again. You can do this by editing the registry.

Disabling EFS

If EFS is not appropriate in your environment, or if you have files that you do not want to be encrypted, you can disable EFS via the registry.

The following procedure shows how this can be done using Windows XP Professional:

  • Run Regedit
  • Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionEFS subkey.
  • Go to edit then select New. Select DWORD Value.
  • Enter a name of EfsConfiguration and press Enter.
  • Double-click the new value then set it to 1 to disable EFS, Click OK.
  • Close the registry editor.
  • Reboot the machine

If you wish to enable EFS you can set the registry value to 0.

Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.

This was first published in September 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.