?
Solved

Encrypted files - no access

Posted on 2003-03-12
11
Medium Priority
?
216 Views
Last Modified: 2013-12-04
I've played around with file encryption in XP, quite foolish but anyhow...
For some reason I lost access to my own files, which I encrypted while using my domain account. This account is the only one I use.

I have not reinstalled the os, nor have I deleted any certificates.

There is a certificate available, but the fingerprint seems to be different from the one having access to the files, even though it's linked to my domain account.

There's no recovery agent available, and I haven't exported any certificates, so there's no 'backdoor'.

Could someone pls explain how I coult loose access, and if there's any way of getting it back?

Thanks,
Sebastian

0
Comment
Question by:ssjoman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +3
11 Comments
 
LVL 11

Expert Comment

by:ghana
ID: 8118169
Microsoft describes a scenario where you can lose access to EFS encrypted data in a workgroup:
http://support.microsoft.com/?kbid=290260

Maybe this happened in your domain environment too? Did you change the password of the account that was used to encrypt the files?
0
 

Author Comment

by:ssjoman
ID: 8118212
Thanks for the link, I beleive I've read that.
The article was about reset password, and unfortunately that doesn't apply to me.

I did change the password once myself, and later tried changing it back to see if that worked, not.

Shoot again ;-)

Sebastian

0
 
LVL 4

Expert Comment

by:Ghost_Hacker
ID: 8119149
I would first check to see how "profiles" are used in your domain. If your profile is changed or doesn't allow updates or if it was "lost", then you would have problems with using EFS.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 9

Expert Comment

by:MSGeek
ID: 8132491
If the files are encrypted on a domain share, then the key is tied to your domain login.  If the files are encrpted on teh workstation/laptop then the key may reside on that machine, but in another cached or local profile.  Look under Documents and Settings, is there more than one profile with your login name or similar?
0
 
LVL 11

Expert Comment

by:ghana
ID: 8176635
Have a look at this tool EFSView: It claims to show you which user has the decryption key or recovery key for an EFS encrypted file:

http://ntsecurity.nu/toolbox/efsview/
0
 

Author Comment

by:ssjoman
ID: 8179609
No, haven't got any duplicate profiles.

I've used EFSView, that's how I found out the fingerprint mismatch.

Thanks,
Sebastian
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 1000 total points
ID: 8755062
Advanced EFS Data Recovery (or simply AEFSDR) is a program to recover (decrypt) files encrypted on NTFS (EFS) partitions
http://www.elcomsoft.com/aefsdr.html

EFS Key Beta retrieves EFS-encrypted files from NTFS partitions.
http://www.lostpassword.com/efs.htm?id=efskey_5_5_400

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Expert Comment

by:CleanupPing
ID: 9070742
ssjoman:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 9133286
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question