Cannot access encrypted files on external disk

[nik]

Motherboard crashed so removed hard disk to use as external extra on new
laptop but from new laptop I cannot access encrypted files on external disk.
All other files are accessible. How can I access those files please.
Thanks in anticipation.

 

[Shenan Stanley]

Motherboard crashed so removed hard disk to use as external extra
on new laptop but from new laptop I cannot access encrypted files
on external disk. All other files are accessible. How can I access
those files please.
Thanks in anticipation.

If you cannot access them and some change occurred on your system
(format/install, repair install, forcing a password change, etc) that has
caused the EFS certificate to become corrupted or be lost and you did not
follow the, "Best practices for the Encrypting File System"...

http://support.microsoft.com/kb/223316

.... thus you did not 'export [your] certificates and private keys to
removable media and store the media securely when it is not in use', then
you may have a problem - one not inexpensively (or even at all) resolved.

Encryption is meant to protect your data from digital theft.
It would not be effective if there was an easy back-door.

 

[nik]

Yes I did not follow the best practice as I was not aware of the
ramifications. The older computer just crashed and I was in a hurry.
I have now exported new keys and certificates and imported them to the trust
root but the encrypted file will not accept them quoting error message
(EFSADU - Error in adding new user(s). Error code 5). I can delete the file
but it is unmovable.

Motherboard crashed so removed hard disk to use as external extra
on new laptop but from new laptop I cannot access encrypted files
on external disk. All other files are accessible. How can I access
those files please.
Thanks in anticipation.

If you cannot access them and some change occurred on your system
(format/install, repair install, forcing a password change, etc) that has
caused the EFS certificate to become corrupted or be lost and you did not
follow the, "Best practices for the Encrypting File System"...

http://support.microsoft.com/kb/223316

.... thus you did not 'export [your] certificates and private keys to
removable media and store the media securely when it is not in use', then
you may have a problem - one not inexpensively (or even at all) resolved.

Encryption is meant to protect your data from digital theft.
It would not be effective if there was an easy back-door.

 

[Shenan Stanley]

Motherboard crashed so removed hard disk to use as external extra
on new laptop but from new laptop I cannot access encrypted files
on external disk. All other files are accessible. How can I access
those files please.
Thanks in anticipation.

If you cannot access them and some change occurred on your system
(format/install, repair install, forcing a password change, etc)
that has caused the EFS certificate to become corrupted or be lost
and you did not follow the, "Best practices for the Encrypting File
System"...

http://support.microsoft.com/kb/223316

... thus you did not 'export [your] certificates and private keys to
removable media and store the media securely when it is not in
use', then you may have a problem - one not inexpensively (or even
at all) resolved.

Encryption is meant to protect your data from digital theft.
It would not be effective if there was an easy back-door.

Yes I did not follow the best practice as I was not aware of the
ramifications. The older computer just crashed and I was in a hurry.
I have now exported new keys and certificates and imported them to
the trust root but the encrypted file will not accept them quoting
error message (EFSADU - Error in adding new user(s). Error code 5).
I can delete the file but it is unmovable.

You exported the *new* keys/cert - but the old stuff has nothing to do with
the new keys/cert.

You would need to boot to the old system and logon with your unchanged user
account and export that key to access your old data encrypted on that old
system.

 

[Twayne]

Motherboard crashed so removed hard disk to use as external extra on
new laptop but from new laptop I cannot access encrypted files on
external disk. All other files are accessible. How can I access those
files please.
Thanks in anticipation.

Unfortunately, unless you can put the disk back in the old machine and
unencrypt or export the keys for that specific data, then your data is
gone. For good. Only your account on the original computer can do
anything with those files unless you exported the security keys used for
just the situation you are in.
MS did a lousy job of documenting that "minor detail". It IS highly
effective though, you have to admit; you're seeing proof that at least
no one could steal your drive or download from it, and get anything off
it that's encrypted.

 

[nik]

Live'n learn.
The old machine is gone and so the files. At least I can delete them or keep
them until an unlocker becomes available, months or years.
Thanks for help folks.

 

[John John - MVP]

You could always try to boot the old hard disk on another computer, you
never know, Windows XP might be stubborn enough to boot and allow you to
save your files! Even an in-place upgrade (reinstallation) of the old
beast might rouse it back! You never know and you have nothing to lose
trying. You can try in another laptop or get yourself a 2.5" to 3.5"
disk adapter and give it a try on a desktop!

John

 

[Twayne]

You could always try to boot the old hard disk on another computer,
you never know, Windows XP might be stubborn enough to boot and allow
you to save your files! Even an in-place upgrade (reinstallation) of
the old beast might rouse it back! You never know and you have
nothing to lose trying. You can try in another laptop or get
yourself a 2.5" to 3.5" disk adapter and give it a try on a desktop!

How could that have anything but a statistically insignificant chance of
working in a thousand years? There is no way such events are going to
result in the re-acquisition of those files. If it was that easy,
crackers would be a dime a dozen on the 'net.

To the OP:
That's an exercise in futility and false hope. Try it if you feel you
must, but it will not lead to anything useful. You're not the first and
won't be the last to have this experience. Much better to concentrate
on moving forward and recreating whatever you can of the lost data and
get on with your life.
It isn't quick by any means, but there are some very expensive
services that claim to be able to recover such data by brute force but
it's going to cost a fortune to find out whether they can or not.
The one good thing that's come of this is that now you have the
experience and background to be able to avoid this particular disaster
in the future. Education sometimes comes hard.

HTH,

Twayne`

 

[John John - MVP]

How could that have anything but a statistically insignificant chance of
working in a thousand years?

More than you might think or ever know. Moving a Windows XP disk is
something that lots of people do and often time a repair install gets
the installation going again. The OP has absolutely nothing to lose
trying it and if the repair install gets the installation going he will
get access to his files. This is not a matter of "If it was that easy,
crackers would be a dime a dozen on the 'net", it has nothing to do with
"cracking" the encryption, it has all to do with moving Windows to
different hardware and getting it to start again, moving Windows to new
hardware does not invalidate the SAM database or the encryption
certificates.

http://support.microsoft.com/default.aspx?scid=kb;en-us;249694
How to move a Windows installation to different hardware

http://support.microsoft.com/kb/306952/
What an in-place Windows 2000 upgrade changes and what it does not change

The only waste of time and exercise in futility would be to follow your
advice to try to find "very expensive services" that claim to be able to
recover the encrypted files.

John

 

[Anthony Buckland]

Live'n learn.
The old machine is gone and so the files. At least I can delete them or
keep
them until an unlocker becomes available, months or years.
Thanks for help folks.
...

A good attitude. Don't throw stuff out you don't understand today,
you might understand it tomorrow or some time in the thirties.
One of the things about encryption many people don't understand
it that it's REALLY ENCRYPTED. There is no movie character
who will trill on your keyboard in incomprehensible ways and
deliver the data to you. But, the data you have isn't junk. One day
you may be able to decrypt it. Not today. Not next month. One day
is in the FUTURE.