What if 'what is backup your file encryption certificate and key'

Hi,

I  just got this message, never seen this before:

backup encryption
What is it? Can we disable this? Is this important?
rayluvsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
it is very important to backup your EFS encryption key. If you reset the machine or load a new operating system i.e. hard drive crash you will lose access to any file you have encrypted with EFS until you INSTALL that key from the backed up.pfx file
1
Michelle Solangel PhillipsTech SupportCommented:
Hello,

Please refer to what Mr. Johnson said above.

EFS is used to encrypt files stored in Windows File server systems. If you have any encrypted files on your PC (for example, Excel files or some folders that were encrypted) you may not be able to access to it if you not have the key from the encryption, more over, you wont be able to make any changes into it if by ever reason your computer crashes.

If you are not so sure that your PC contains some encrypted folders, please open up CMD (command prompt) and then type the following:

cipher /u

It should prompt a list of encrypted folders and files if your system has any.
Try recovering the files if you are not so sure how it got encrypted.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rayluvsAuthor Commented:
Thank you!  Now it’s more clear!

I don’t think I use any EFS in the computers, I only use TrueCrypt volumes.   Nevertheless, I will test as you recommended.
0
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

McKnifeCommented:
"I don’t think I use any EFS in the computers" - you are. Else, that certificate wouldn't be there. Probably you didn't know what you were doing or activated it by chance.
You'll even lose access if you have your password reset, by the way. The admin should setup GPOs that don't allow to use EFS if the users cannot handle it. The admin also needs to  configure Data recovery agents. Read the documentation at MS, it's not that complicated.
0
rayluvsAuthor Commented:
As to my knowledge, I don't think I have created any.  Nevertheless, I ran the cipher /u recommended by Michelle, but added /U as to not update anything - no result (see pix below).

check-4-efs
Is there any other way to find any EFS files in the drive? (to make sure)
0
Michelle Solangel PhillipsTech SupportCommented:
Good morning,

Well, if you have verified with cipher that you do not have any encrypted file, it might be a corrupted certificate. Please refer to the following and verify for me this:

1. Type certmgr.msc into search box, press Enter.

2. In the certification management window, expand Personal ->Certificates-> There should have entry with EFS intended Purpose, delete that certificate.

3. Same steps for Trusted People ->Certificates -> entry with EFS intended purpose.

Reboot to check result and let me know if issue disappears.
0
McKnifeCommented:
The files may as well be already deleted or decrypted again. They might as well reside on a network share. But who cares? Backup the key and all is well.
0
rayluvsAuthor Commented:
I thought about the "network share" part, so when starting the computer I had the LAN disable, and still message appeared.  We ran the  cipher /n /u, no files found on this computer, still the message appear.

This message first appeared yesterday and this morning when starting the computer. This computer has 8 month of use.

Is there another way to see if there is any EFS in the computer?
0
Michelle Solangel PhillipsTech SupportCommented:
Good day,

Did you try as what I stated before?
I had this similar issue with no encrypted file on my pc but was a weird corrupted certificate on my side, so I dont know if it could be happening to you too.
0
rayluvsAuthor Commented:
Oh, didn't see that; let me read your entry again.
0
rayluvsAuthor Commented:
Thanx, you are correct, there certificates (see pix below).

certificates
Why are they there? I mean, I have an iPhone and I use that username - why is there a certificate for the 3 entries?
0
Michelle Solangel PhillipsTech SupportCommented:
Hello and sorry for the late response (I was cooking all day),

Certificates sometimes are automatic created when an antivirus affects some decisions on user's level, i.e giving extra protection when the engine starts and so on. How and why are the certs created without us noticing is something I can explain very well though, since I have failed to notice why it happened on my end as well.

Just before you delete the certificates you see, please export them to a safe location just in case. Then reboot the PC and the prompt should never bother you away.
0
rayluvsAuthor Commented:
Thank you  very much!

So this will the the way to disable this message?
0
David Johnson, CD, MVPOwnerCommented:
backup the key and the warning will go away
0
rayluvsAuthor Commented:
OK

Thanx!

and Happy New Year 2018!!
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.