Friday, June 4, 2010

Back Up Your File Encryption Key in Windows Vista

SkyHi @ Friday, June 04, 2010

WIndows Vista includes a file encryption technology very similar from a user perspective to the one that existed in Windows XP, but Vista makes it very easy to make a backup of the file encryption key. In XP, your encrypted files would be lost if you changed your password. In Vista, an encryption key is used to sign the encrypted files, which also means it can be backed up.


It’s critically important that you make a backup of your encryption key if you decide to use the encryption features. Thankfully Vista reminds you immediately after the first time you encrypt a file.


To use the Wizard to back up the encryption key, just click on the popup notification when it comes up.



Select “Back up now” from the wizard screen.



Hit next…



You may as well select all the possible information to back up, in case you have multiple keys for some reason.



You’ll have to enter a password for the key. This password will be used if you try and restore the encryption key later. Make sure you choose a good password, and make sure that it’s also something you’ll remember. This is where a password safe application might help.



On the next screen, you can enter a filename, or you can click the Browse button and choose a folder location. (It was easier for me to click Browse) Type in the file name that you want here.



Hit next and then finish, and you should see that the export was succesful.



Now it’s very important to back that file up to somewhere safe. A spare USB drive wouldn’t be a bad idea.


 


Note: If you selected “Never Back Up”, or you just don’t see the popup notification, don’t fear, you can still back up the encryption key. Just open up Control Panel, and type in “certificate” (or the first few letters, as you can see below) 



Click on “Manage file encryption certificates” and then hit next on the resulting dialog window.


You should see a very simple screen that makes it easy to back up the encryption key in a single step. Honestly, I think this route is faster than using the other wizard, and it bugs me that they made two different screens to accomplish the same thing. 



Same as before, select a filename and password (Use the browse button to select the filename more easily)



Check the box for “I’ll update my encrypted files later”, because you aren’t actually changing the certificate at this point, just backing it up.


…make sure that you back up the key file safely.


REFERENCES

http://www.howtogeek.com/howto/windows-vista/back-up-your-file-encryption-key-in-windows-vista/