Microsoft KB Archive/828216

= Unexpected behavior in Windows 2000 when you encrypt every file in a user profile folder =

PSS ID Number: 828216

Article Last Modified on 3/1/2004

-

The information in this article applies to:


 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Professional

-





SUMMARY
When you use the Encrypting File System (EFS) to encrypt files on a Microsoft Windows 2000-based computer, make sure that you encrypt only specific files or folders in a user profile folder in the Documents and Settings folder. If you encrypt every file in a user profile folder, you may experience unexpected behavior the next time that you try to log on.

Note You can encrypt the My Documents folder for any user. The default path of a user's My Documents folder is :\\Documents and Settings\ \My Documents. By encrypting this folder, you encrypt the folder where most documents are stored.



MORE INFORMATION
Encryption technology works by using algorithms that rearrange, scramble, and encode the data in the file. A key pair is randomly generated when you encrypt your first file. This key pair is made up of a private key and a public key. This key pair is used to encode and to decode encrypted files.

The private key that is associated with the file or the folder is encrypted and saved as an individual file in one of the following folders:  For RSA keys:

\Application Data\Microsoft\Crypto\RSA\

 For DSA keys:

\Application Data\Microsoft\Crypto\DSA\



For additional information about using EFS, click the following article number to view the article in the Microsoft Knowledge Base:

223316 Best practices for the Encrypting File System

