Back Up XP Professional Encryption Key

Do you use the Encrypting File System (EFS) in Windows XP Professional to encrypt your data into a format that cannot be read by other users? If you have to reinstall Windows, you won’t get the same key and you won’t be able to access your data. To ensure you can decrypt files in the future, you should back up your encryption key.

Windows XP Professional uses transparent encryption. This means you don’t need to remember your encryption key; your data is decrypted automatically when you sign on to Windows. Furthermore, the encryption key is a long line of gibberish, and it is generated randomly.

Back up your encryption key.

Backing up the key is complicated, so let’s go through the steps. First, log into your user account. Then click Start>Run. Enter “mmc” (no quotes) and click OK.

Click File>Add/Remove Snap-in and click Add. Click Certificates under Available Standalone Snap-ins. Then click Add. Click “My user account” and then Finish. Click Close and OK.

Next, double-click Certificates – Current User, and double-click Personal. Then double-click Certificates.

Find the certificate that says File Recovery in the Intended Purposes column. Right-click it and select All Tasks. Click Export. The Export Wizard starts. Click Next. Click “Yes, export the private key” and click Next. Click Personal Information Exchange.

Important: Do not select “Delete the private key if the export is successful.” Otherwise, you won’t be able to decrypt documents on the computer.

Click Next and specify a password. Click Next. Specify the file name and the location to export the certificate and key to (I recommend a USB drive). Click Next. Finally, click Finish.

At some point, you may need to restore the encryption key. To do this, log on to the computer with your account. Click Start>Run. Enter “mmc” (no quotes) and press Enter. Click the Console menu and select Add/Remove Snap-In.

Click the Add button, and double-click the Certificates snap-in. Choose My User Account and click Finish. Click Close on the Add Standalone Snap-In dialog box and then click OK on the Add/Remove Snap-in dialog box.

Click Certificates, Current User, Personal and then Certificates. Right-click the folder and select All Tasks>Import. When the Certificate Import Wizard launches, click Next. Browse to find your backup file.

Enter your password. Make sure “Mark this key as exportable” is checked. Click Next. If prompted, select “Place all certificates in the following store.” Click Next. Highlight the Personal store and click OK. Click Next. Finally, click Finish.