Tech Tips / Windows XP / Security
Comparing EFS in Win2K and WinXP
The first version of EFS was built into Windows 2000. Although Windows XP is a minor upgrade from Windows 2000, you should be aware of this important information about EFS:
- EFS is not available in Windows XP Home Edition.
-
EFS is available on Windows XP Professional computers that have only NTFS,
not FAT32, partitions. - By default, Windows 2000 includes a default Recovery Agent. (Windows XP Professional in a workgroup doesn't, but Windows XP joined to a domain does.)
- In Windows 2000, you can disable EFS by deleting the Recovery Agent. In Windows XP, deleting the RA doesn't disable EFS.
- To disable EFS in Windows XP in a workgroup, you must change a registry entry (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Efs\EFSconfiguration to 1).
- To disable EFS on Windows XP in a domain environment, you have to change the Group Policy setting.
-
Windows XP allows you to share encrypted files. Windows 2000
doesn't support
this feature.
Note: Please remember that editing the registry is potentially dangerous. Be sure you have a verified backup before you begin.
Submit your Tech Tips
If you're an experienced IT professional and would like to share your expertise with other Setup32.com readers, why not submit a new tip to our Tech Tips area?
Latest Tech Tips in this category
- Automatically generate and assign strong passwords in Windows XP
- Designate a DRA and recover encrypted files
- Encrypt the local copy of remote files
- Right-click to encrypt
- Discover two ways to disable EFS
- How to import the certificate with private key
- How to export your certificate with the private key
- A few more EFS best practices
Certification Links
Contact Us | Advertise | Authors | Subject Index | RSS Feeds 
Copyright ©2009 Setup32.com