Published by


Brink's Avatar
Administrator

Posts: 25,290

Show Printable Version 


How to Back Up Your EFS File Encryption Certificate and Key in Windows 10

information   Information
The Encrypting File System (EFS) is the built-in encryption tool in Windows used to encrypt files and folders on NTFS drives to protect them from unwanted access. EFS enables transparent encryption and decryption of files for your user account by using advanced, standard cryptographic algorithms. Any individual or app that doesn't possess the appropriate file encryption key cannot open any encrypted files and folders. Encryption is the strongest protection that Windows provides to help you keep your individual files and folders secure.

Creating a backup of your file encryption certificate and key to a PFX file helps you avoid permanently losing access to your encrypted files and folders if the original certificate and key are lost or corrupted.

If you lose access to your encrypted files and folders, you will not be able to open them again unless you are able to restore your file encryption certificate and key used with EFS.

This tutorial will show you how to back up your file encryption certificate and key used with Encrypting File System (EFS) in Windows 10 Pro, Enterprise, and Education editions.
warning   Warning
When you back up your file encryption certificate and key using an option below, you will be required to enter a password used to protect the private key to maintain the security of your encrypted files and folders.

No one will be able to restore the backed up file encryption certificate and key to gain access to your encrypted files and folders unless they are able to enter this password.

It is extremely important that you do not lose this password. Keep it written down in a safe secure location in case you need to restore your backed up file encryption certificate and key.

Be sure to also keep the PFX file backup of your file encryption certificate and key saved in a safe and secure location in case you need to restore your backed up file encryption certificate and key.


CONTENTS:
  • Option One: To Backup your Current EFS File Encryption Certificate and Key from EFS Notification or Icon
  • Option Two: To Backup your EFS File Encryption Certificate(s) and Key(s) in Certificates Manager
  • Option Three: To Backup your Current EFS File Encryption Certificate and Key in Command Prompt





Backup Encrypting File System Certificate and Key in Windows 10 OPTION ONE Backup Encrypting File System Certificate and Key in Windows 10
To Backup your Current EFS File Encryption Certificate and Key from EFS Notification or Icon

Note   Note
You will see the EFS notification and icon whenever a new file encryption certificate and key has been created.

This is usually after the first time you encrypt a file or folder, or manually create a new key using the Cipher command.


1. Either click/tap on the EFS notification or taskbar icon. (see screenshot below)

Name:  notification_backup_EFS_certificate-1.jpg
Views: 3379
Size:  26.1 KB

2. Click/tap on Back up now. (see screenshot below)

Name:  notification_backup_EFS_certificate-2.jpg
Views: 3572
Size:  47.3 KB

3. Click/tap on Next. (see screenshot below)

Name:  notification_backup_EFS_certificate-3.jpg
Views: 3415
Size:  51.6 KB

4. Check the Password box, enter a password you want to protect the private key backup with, enter this password again to confirm, and click/tap on Next. (see screenshot below)

Name:  notification_backup_EFS_certificate-4.jpg
Views: 3424
Size:  37.0 KB

5. Click/tap on the Browse button, navigate to where you want to save the backup to, enter a file name you want for the backup, click/tap on Save, and click/tap on Next. (see screenshot below)

Click image for larger version. 

Name:	notification_backup_EFS_certificate-5.jpg 
Views:	159 
Size:	93.0 KB 
ID:	121103

6. Click/tap on Finish. (see screenshot below)

Name:  notification_backup_EFS_certificate-6.jpg
Views: 3458
Size:  46.2 KB

7. When the export has successfully finished, click/tap on OK. (see screenshot below)

Name:  notification_backup_EFS_certificate-7.jpg
Views: 3376
Size:  8.3 KB





Backup Encrypting File System Certificate and Key in Windows 10 OPTION TWO Backup Encrypting File System Certificate and Key in Windows 10
To Backup your EFS File Encryption Certificate(s) and Key(s) in Certificates Manager

1. Press the Win+R keys to open Run, type certmgr.msc, and click/tap on OK to open Certificates Manager.

2. In the left pane of certmgr, expand open the Personal store, and open Certificates. (see screenshots below step 3)

3. In the right pane of Certificates, select all certificates for Encrypting File System under the "Intended Purpose" column, right click or press and hold on these selected certificates, click/tap on All Tasks, and click/tap on Export. (see screenshots below)

Name:  backup_EFS_certificate-1.jpg
Views: 3388
Size:  53.3 KB
Name:  backup_EFS_certificate-1b.jpg
Views: 3465
Size:  56.5 KB

4. Click/tap on Next. (see screenshot below)

Name:  backup_EFS_certificate-2.jpg
Views: 3385
Size:  46.7 KB

5. Select (dot) Yes, export the private key, and click/tap on Next. (see screenshot below)

Name:  backup_EFS_certificate-3.jpg
Views: 3395
Size:  45.9 KB

6. Click/tap on Next. (see screenshot below)

Name:  backup_EFS_certificate-4.jpg
Views: 3365
Size:  50.8 KB

7. Check the Password box, enter a password you want to protect the private key backup with, enter this password again to confirm, and click/tap on Next. (see screenshot below)

Name:  notification_backup_EFS_certificate-4.jpg
Views: 3424
Size:  37.0 KB

8. Click/tap on the Browse button, navigate to where you want to save the backup to, enter a file name you want for the backup, click/tap on Save, and click/tap on Next. (see screenshot below)

Click image for larger version. 

Name:	notification_backup_EFS_certificate-5.jpg 
Views:	159 
Size:	93.0 KB 
ID:	121103

9. Click/tap on Finish. (see screenshot below)

Name:  notification_backup_EFS_certificate-6.jpg
Views: 3458
Size:  46.2 KB

10. When the export has successfully finished, click/tap on OK. (see screenshot below)

Name:  notification_backup_EFS_certificate-7.jpg
Views: 3376
Size:  8.3 KB





Backup Encrypting File System Certificate and Key in Windows 10 OPTION THREE Backup Encrypting File System Certificate and Key in Windows 10
To Backup your Current EFS File Encryption Certificate and Key in Command Prompt

1. Open a command prompt.

2. Enter the command below into the command prompt, and press Enter. (see screenshot below)

cipher /x "%UserProfile%\Desktop\MyEFSCertificates"

Name:  backup_EFS_certificate_command-1.jpg
Views: 3342
Size:  29.5 KB

3. Click/tap on OK. (see screenshot below)

Name:  backup_EFS_certificate_command-2.jpg
Views: 3338
Size:  22.2 KB

4. Enter a password you want to protect the private key backup with in the command prompt, and press Enter. (see screenshot below)

Name:  backup_EFS_certificate_command-3.jpg
Views: 3334
Size:  34.6 KB

5. Enter this password password again to confirm, and press Enter. (see screenshot below)

Name:  backup_EFS_certificate_command-4.jpg
Views: 3332
Size:  38.1 KB

6. When your EFS certificate has been backed up successfully, you can close the command prompt if you like. (see screenshot below)

Click image for larger version. 

Name:	backup_EFS_certificate_command-5.jpg 
Views:	76 
Size:	60.3 KB 
ID:	121093

7. A MyEFSCertificates.PFX file has now been save to your desktop. This is the backup of your current file encryption certifcate and key.



That's it,
Shawn