Results 1 to 1 of 1

Thread: Change EFS Public Key Policy

  1. #1
    Administrator Lloyd_mcse's Avatar
    Join Date
    Jun 2008
    Location
    Sudbury, Suffolk
    Posts
    2,917

    Default Change EFS Public Key Policy

    If you feel the standard EFS Certificate is not good enough you can change the type and public key size...

    RSA Options
    2048 Bit SHA1 (Default)
    4096 Bit SHA1
    8192 Bit SHA1
    16384 Bit SHA1

    ECC Options
    256 SHA256
    384 SHA384
    521 SHA512

    To do this go to...

    Control Panel -> Administrative Tools -> Local Security Policy

    And browse to

    Public Key Policies -> Encrypting File System,

    Local Security Policy .png

    and right click on the folder "Encrypting File System" and click Properties, which opens this windows...

    General-EFS-Properties.png

    Change "File Encryption using Encrypting File System (EFS)" from "Not Defined" to "Allow" and change "Elliptic Curve Cryptography" to "Allow". If you want to create a ECC certificate this must be set to "Require".

    Now click on the Certificates tab...

    Certificates-EFS-Properties-default.png

    You should see the above window, here you can select the strength of both RSA and ECC certificates.
    Once you have selected what you want click Apply and Ok to close the window.

    To create you new certificate follow this guide making sure you update your previously encrypted files so they are encrypted with your new certificate.

    Enjoy.
    Last edited by Lloyd_mcse; 13-03-2015 at 10:07.
    Main PC :
    | Intel i9-9900K @ Default
    | ASUS Maximus XI Hero
    | Corsair Vengeance RGB PRO 32GB 3200MHz
    | ASUS TUF RTX 3060 OC Edition 12GB
    | Samsung 980 PRO 1TB NVMe
    | Samsung 970 EVO Plus 2TB NVMe
    | Sound Blaster AE-7
    | Corsair iCUE H150i ELITE LCD
    | ​Corsair iCUE 5000X RGB
    | Corsair HX850 Platinum
    | ASUS ProArt PA279CV 27" 4K
    | Windows 11 Professional x64
    | Full PC List |


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •