Encrypted files inaccessible after reinstalling OS

[Mark Jones]

After reinstalling Windows XP Pro over a previous
installation (same operating system) my important
encrypted files containing account information can no
longer be read - they look like they are still encrypted
as the text is garbled. After decrypting the text is still
garbled.

Was anyone aware that reinstalling the OS will prevent
encrypted files from being decrypted? Can I work around
this somehow?

(I have partial backups of these files but still, it seems
like a glaring error and not mentioned on any microsoft
tech support pages I have seen)

 

[Mike Mulligan]

Did you backup the encryption key? If not, your files are lost.

"Was anyone aware that reinstalling the OS will prevent encrypted files from
being decrypted?" Yes, anyone who prepares by reading about reinstalling
Windows before starting the process.

Mike Mulligan

 

[Mike Brannigan [MSFT]]

Mark,

You re describing the correct default behaviour for the EFS.
If someone stole your PC and installed a new copy of Windows would you
expect to be able to get at the encrypted files?

The use of EFS and the requirement for you to back-up your key and create a
key recovery agent and backup its keys to is documented in a number of
places.
A simple Search on www.microsoft.com for Encrypting File System
yields many results:-

But most notably the entire Chapter 17 of the Window XP Professional
Resource Kit
entitled -- Encrypting File System
at
http://www.microsoft.com/technet/tr...winxppro/reskit/prork_overview.asp?frame=true


--
Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions.
Please use these newsgroups

 

[Jupiter Jones [MVP]]

Mark;
Are you sure it is not an Ownership issue:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q308421&

If the files are encrypted.
If you did not back-up the encryption key or the Recovery Agent and
are not on a domain, the files are as good as gone.
This must be accomplished while you have access to the files.
If you have not already done so, it is now to late.

If you can restore the original profile (not recreate) you may be able
to recover the data.
Recreating profiles and passwords is irrelevant.
Contact Microsoft if you can restore the profile.
Or:
http://www.beginningtoseethelight.org/efsrecovery/index.php

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp
(58 pages)
http://support.microsoft.com/?id=223316

 

[Mark Jones]

Dear Mike,

Your comments and links were very much appreciated.

However, it wasn't a "new" installation in the sense that
I installed a different version of Windows or from
scratch. It was (what some people term) a "soft-
reinstallation" i.e. in every other respect all Windows
settings were preserved and remained intact after
reinstallation (including users and privileges) so it
would seem logical to me, given that I log in to the same
account as the same user and have all the same user
privileges in all other respects as before the
reinstallation, that my encrypted files should likewise
still remain accessible to me on my user account.

Someone stealing my computer and attempting to access the
encrypted files would still need my user password to
access the encrypted files even after reinstalling
Windows, meaning that reinstalling Windows in the same
manner would be of no benefit.

I'm not an expert and I know there is a need to read as
much as one can before doing any major system operations.
However, some things should be reasonably intuitive
without the need to read swathes of techical documentation
(the obvious precautions aside). This information if it is
part of Windows design should be included in the installed
help files. If it is not part of the design perhaps it
could be addressed? I am fairly well-read in terms of XP
but found no information regarding the above besides the
usual "make back-ups" which doesn't explain the problem.


Yours,
Mark Jones

 

[Mark Jones]

Thanks for the reply. I am the sole owner and
administrator of all files on my system. The type of
reinstallation I did kept all the same profiles and
privileges as before so I do not need to restore anything.

Now the encrypted files are not readable (i.e. I can open
the files but they are now munged) despite using the same
profile as before the (soft) re-install.

I'm not worried about the files right now but I would like
to know why this happened and, if it is an error, how to
prevent or correct it.

Thanks
Mark

 

[Jupiter Jones [MVP]]

Mark;
As Mike suggested, nothing went wrong.
On the surface everything looks the same, however the underlying code
the matched the keys is gone.
Your only hope is restoring the ORIGINAL profile from before the
reload and:
Contacting Microsoft Paid support to put it back together.
OR
Follow this link:
http://www.beginningtoseethelight.org/efsrecovery/index.php

You should read and fully understand the links Mike and I gave before
using EFS.
EFS is very good at what it does and there are no back doors.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
Please respond to newsgroup only for everyone's benefit.