Logon Password and XP file encryption

[Guest]

I have various encrypted files that were done with the built in XP file
encrypt. I changed my windows login password after the files were encrypted
(get changes every 90 days, company policy) and upon doing this lost access
to all my encrypted files. I changed my password four times to get back to
my original password then my files were accessible again. I am doing this on
the same computer. Is there any way to tie changing you login password to
the encryption system so that it does not lock out files? I was getting file
access errors which is a classic sign of using the wrong Key. I can't
believe there isn't even an error message telling you about this. It is also
funny that changing you passwords for security locks you out of your fles
even if you are the admin. and in the account that created the key.

 

[John Wunderlich]

I have various encrypted files that were done with the built in XP
file encrypt. I changed my windows login password after the files
were encrypted (get changes every 90 days, company policy) and
upon doing this lost access to all my encrypted files. I changed
my password four times to get back to my original password then my
files were accessible again. I am doing this on the same computer.
Is there any way to tie changing you login password to the
encryption system so that it does not lock out files? I was
getting file access errors which is a classic sign of using the
wrong Key. I can't believe there isn't even an error message
telling you about this. It is also funny that changing you
passwords for security locks you out of your fles even if you are
the admin. and in the account that created the key.

I recommend reading the Microsoft article:

"Best practices for the Encrypting File System"
<http://support.microsoft.com/kb/223316/en-us>

.... which includes instructions on how to back up the encryption
certificates/keys.

HTH,
John

 

[Guest]

John, Thank you for the reply. I read the document you mentioned but there
is no mention of how your windows logon password affects your encryption. Is
there anything that might explain that connection.

 

[John Wunderlich]

John, Thank you for the reply. I read the document you mentioned
but there is no mention of how your windows logon password affects
your encryption. Is there anything that might explain that
connection.

I believe the encryption certificates are themselves encrypted to a
combination of your Secure ID (SID) and your password.
You might look at some of these articles, too:

"User cannot gain access to certificate functionality after password
change or when using a roaming profile"
<http://support.microsoft.com/kb/331333/en-us>

"The Windows Server 2003 Family Encrypting File System"
<http://msdn.microsoft.com/library/d...ecure/html/winnetsrvr-encryptedfilesystem.asp>

HTH,
John