Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Encrypted files - no access

Posted on 2003-03-12
11
Medium Priority
?
219 Views
Last Modified: 2013-12-04
I've played around with file encryption in XP, quite foolish but anyhow...
For some reason I lost access to my own files, which I encrypted while using my domain account. This account is the only one I use.

I have not reinstalled the os, nor have I deleted any certificates.

There is a certificate available, but the fingerprint seems to be different from the one having access to the files, even though it's linked to my domain account.

There's no recovery agent available, and I haven't exported any certificates, so there's no 'backdoor'.

Could someone pls explain how I coult loose access, and if there's any way of getting it back?

Thanks,
Sebastian

0
Comment
Question by:ssjoman
  • 2
  • 2
  • 2
  • +3
9 Comments
 
LVL 11

Expert Comment

by:ghana
ID: 8118169
Microsoft describes a scenario where you can lose access to EFS encrypted data in a workgroup:
http://support.microsoft.com/?kbid=290260

Maybe this happened in your domain environment too? Did you change the password of the account that was used to encrypt the files?
0
 

Author Comment

by:ssjoman
ID: 8118212
Thanks for the link, I beleive I've read that.
The article was about reset password, and unfortunately that doesn't apply to me.

I did change the password once myself, and later tried changing it back to see if that worked, not.

Shoot again ;-)

Sebastian

0
 
LVL 4

Expert Comment

by:Ghost_Hacker
ID: 8119149
I would first check to see how "profiles" are used in your domain. If your profile is changed or doesn't allow updates or if it was "lost", then you would have problems with using EFS.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 9

Expert Comment

by:MSGeek
ID: 8132491
If the files are encrypted on a domain share, then the key is tied to your domain login.  If the files are encrpted on teh workstation/laptop then the key may reside on that machine, but in another cached or local profile.  Look under Documents and Settings, is there more than one profile with your login name or similar?
0
 
LVL 11

Expert Comment

by:ghana
ID: 8176635
Have a look at this tool EFSView: It claims to show you which user has the decryption key or recovery key for an EFS encrypted file:

http://ntsecurity.nu/toolbox/efsview/
0
 

Author Comment

by:ssjoman
ID: 8179609
No, haven't got any duplicate profiles.

I've used EFSView, that's how I found out the fingerprint mismatch.

Thanks,
Sebastian
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 1000 total points
ID: 8755062
Advanced EFS Data Recovery (or simply AEFSDR) is a program to recover (decrypt) files encrypted on NTFS (EFS) partitions
http://www.elcomsoft.com/aefsdr.html

EFS Key Beta retrieves EFS-encrypted files from NTFS partitions.
http://www.lostpassword.com/efs.htm?id=efskey_5_5_400

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Expert Comment

by:CleanupPing
ID: 9070742
ssjoman:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 9133286
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question