How to use EFS encryption to encrypt individual files and folders on Windows 10

Encrypting File System (EFS) is an encryption service found in Windows 10 Pro, Enterprise, and Education. A cousin to BitLocker, which can encrypt entire drives at once, EFS lets you encrypt individual files and folders.

Encryption is tied to the PC user, so if a different user is logged in than the user who encrypted the files, those files will remain inaccessible.

EFS encryption isn't as secure as other encryption methods, like BitLocker, because the key that unlocks the encryption is saved locally. There's also a chance that data can leak into temporary files since the entire drive is not encrypted.

Still, EFS is a quick and easy way to protect individual files and folders on a PC that's shared amongst several users. Encrypting with EFS doesn't take long — let's take a look at how it's done.

What you'll need before you begin

EFS is only available on Pro, Enterprise, and Education versions of Windows 10. If you're using Windows 10 Home, you're out of luck. You also need to be using a password with your user account, preferably strong and difficult to crack.

Once you've encrypted a file or folder, Windows will automatically remind you that you should create a backup key in case you run into a problem where you can no longer log into your user account that's tied to the encrypted files. This requires some sort of removable media. In our case, we use a USB thumb drive.

How to enable EFS on Windows 10

Have a file or folder in mind for encryption? Here's how to enable EFS.

  1. Launch File Explorer from your Start menu, desktop, or taskbar.
  2. Right-click a file or folder.
  3. Click Properties.

    Right-click a file or folder. Click Properties.

  4. Click Advanced.
  5. Click the checkbox next to Encrypt contents to secure data.

    Click Advanced. Click the checkbox.

  6. Click OK.
  7. Click Apply. A window will pop up asking you whether or not you want to only encrypt the selected folder, or the folder, subfolders, and files.

    Click OK. Click Apply.

  8. Click either Apply changes to this folder only or Apply changes to this folder, subfolders, and files.
  9. Click OK.

    Click an option. Click OK.

Files that you've encrypted with EFS will have a small padlock icon in the top-right corner of the thumbnail or icon.

How to back up your EFS encryption key

After enabling EFS, a small icon will appear in the system tray in the bottom-right corner of your screen. This is your reminder to back up your EFS encryption key.

  1. Plug your USB drive into your PC.
  2. Click the EFS icon in the system tray.
  3. Click Back up now (recommended).

    Click the EFS button. Click Back up now.

  4. Click Next.
  5. Click Next.

    Click Next. Click Next.

  6. Click the checkbox next to Password.
  7. Type a password in the first Password field.

    Click the checkbox. Type a password.

  8. Type the same password in the Confirm password field.
  9. Click Next.

    Type the same password. Click Next.

  10. Click Browse.
  11. Click the USB drive.

    Click Browse. Click the USB drive.

  12. Click the File name field.
  13. Type a filename.

    Click the File name field. Type a filename.

  14. Click Save.
  15. Click Next.

    Click Save. Click Next.

  16. Click Finish.
  17. Click OK.

    Click Finish. Click OK.

That's it. If you ever lose access to your user account, the backup key can be used to access the encrypted files on the PC.

Read 118 times
Subscribe to our Newsletter
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…