Enable or disable EFS

How to turn it on and off.

EFS, available in both Windows 2000 and XP Professional, enables users to secure data on a hard drive using public

key encryption. Even if an attacker gains access to data on a hard drive, files on the drive that have been encrypted are useless without the decryption key. This feature is great for laptop users and organizations that need to further secure highly sensitive data. Files can be encrypted individually or a folder can be designated as encrypted so that any file written to that folder is automatically encrypted. IT only works with an NTFS partition, but when enabled, EFS is transparent to the user.

But EFS may not be appropriate for your situation, and in that case, you may want to disable it. Or you may have disabled it (or someone else did) and you want it back again. You can do this by editing the registry.

Disabling EFS

If EFS is not appropriate in your environment, or if you have files that you do not want to be encrypted, you can disable EFS via the registry.

The following procedure shows how this can be done using Windows XP Professional:

  • Run Regedit
  • Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionEFS subkey.
  • Go to edit then select New. Select DWORD Value.
  • Enter a name of EfsConfiguration and press Enter.
  • Double-click the new value then set it to 1 to disable EFS, Click OK.
  • Close the registry editor.
  • Reboot the machine

If you wish to enable EFS you can set the registry value to 0.


Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.


This was first published in September 2002

Dig deeper on Microsoft Windows XP Pro

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close