Exporting a data recovery certificate
Go to 'start\run' and type
'secpol.msc' to open the local security policies. Navigate to 'Security
Settings\Public Key Policies\Encrypting File System,' and Choose 'Action\Add
Data Recovery Agent.' Click 'Next.'
Click 'browse folders.' open
the filename you created earlier with the 'cipher' command. Click 'next' then
'finish.' The current user is now a data-recovery agent and can decrypt any EFS
encrypted files on the system.
Exporting a data
In order to be sure you cannot
lose all your encrypted data in the case of an accident, you need to export the
digital certificate you just created for the recovery agent. This will allow you
to create new recovery agents in case something awful happens to your current
Login to the user account you
made the recovery agent in the last step. Go to 'start\run' and type secpol.msc
to bring up the local security policy. Navigate to 'Security Settings\Public Key
Policies\Encrypting File System.' Right-click the certificate you just issued
and choose 'all tasks\export.'
the 'DER Encoded Binary X.509 (.CER)' option, and click 'Next'. Now specify the
location you wish to export the certificate to, for example a floppy disk.
Keep it Safe! Now if the
worst happens, you can follow the steps listed above to create a recovery agent,
using the certificate you just exported. Best practice is to now delete the two
files you created with the 'cipher' command in order to ensure that only you
have access to the recovery agent.
Find out about this and many other reviews by joining the Weekly
PCstats.com Newsletter today!
||Use the power of Google to search all of PCSTATS and the PCSTATS Forums. Tell us what you think of this new feature - FEEDBACK?|