Windows: cipher – encrypt or decrypt

CIPHER

Encrypt or Decrypt files and folders.
Without parameters cipher will display the encryption state of the current folder and files.
NTFS volumes only.

Syntax:

 Encrypt/Decrypt:
    CIPHER [{/e | /d}] [/s:Folder] [options] [/u[/n]] [{PathName [...]]

 New recovery agent certificate:
    CIPHER /r:PathNameWithoutExtension

 Remove data:
    CIPHER /w:PathName

 Backup Keys:
    CIPHER /x[:PathName]

options:

   /e    Encrypt the folders.
         Folders are marked so that files that are added to the folder later
         are encrypted too.

   /d    Decrypt the folders.
         Folders are marked so that files that are added to the folder later
         are encrypted too.

   /s:Folder
         Performs the operation in the folder and all subfolders.

   /a    Perform the operation for files and directories.

   /i    Continue even after errors occur.
         By default, cipher stops when it encounters an error.

   /f    Force the encryption or decryption of all specified objects.
         By default, cipher skips files that have been encrypted or decrypted already.

   /q    Quiet - Report only essential information.

   /h    Display files with hidden or system attributes.
         By default, these files are not encrypted or decrypted.

   /k    Create a new file encryption key for the user running cipher.

   /u    Update the user's file encryption key or recovery agent's key
         to the current ones in all of the encrypted files on local drives
         (that is, if the keys have been changed).
         This option only works with /n.
   /n    Prevent keys from being updated.
         Use this option to find all of the encrypted files on the local drives.
         This option only works with /u. 

  PathName
         A pattern, file, or folder.

   /r:PathNameWithoutExtension
         Generate a new recovery agent certificate and private key, and
         then write them to files with the filename PathNameWithoutExtension.

   /w:PathName
         Remove data from unused portions of a volume.
         PathName can indicate any directory on the desired volume.
         Cipher does not obtain an exclusive lock on the drive.
         This option can take a long time to complete and should only be used when necessary.

   /x[:PathName] PathNameWithoutExtension
         Identifies the certificates and private keys used by EFS for the
         currently logged on user and backs them up to a file.
         If PathName is provided, the certificate used to encrypt the files
         is backed up. Otherwise, the user's current EFS certificate and keys
         will be backed up.
         The certificates and private keys are written to a file name
         PathNameWithoutExtension plus the file extension .pfx.

Notes

It is recommended that you always encrypt both the file and the folder in which it resides, this prevents an encrypted file from becoming decrypted when it is modified.

Cipher cannot encrypt files that are marked as read-only.

Cipher will accept multiple folder names and wildcard characters. You must separate multiple parameters with at least one space.

Examples

List encrypted files in the reports folder are:

CIPHER c:\reports\*

Encrypt the Reports folder and all subfolders:

CIPHER /e /s:C:\reports

To back up the certificate and private key currently used to encrypt and decrypt EFS files to a file named c:\myefsbackup.pfx, type:

CIPHER /x c:\myefsbackup



Digg: DIGG ME

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Sponsor & Advertise
Tech Buzz

Computer for SALE!

Howdy everyone, Jimmy B here trying to sell my computer. Basically I have two computers at home right now. A nice machine with Windows 7, good for gaming, tinkering, Linux, programming and that sort of stuff. My other computer is just a normal Dell desktop which I plan to use as my main machine now [...]

Read More »

Zero-Day VBScript plagues Windows XP / 2000.

Apparently there is a new zero-day flaw that affects Windows XP and 2000 computers utilizing VBScript. An attacker can trick someone into visiting a website that binds the F1 key to a VBScript event which ultimately installs malicious code on your machine. Microsoft’s fix: Don’t press the F1 key when windows pop up. LOL. Ok [...]

Read More »

Has Verizon been hacked? Security certificates revoked!

Has Verizon been hacked? Google Chrome seems to think so. Just a few minutes ago I tried to log into Verizon to see why my phone isn’t making any calls and to also see why I can’t make any text messages. I’m going to have to probably assume they haven’t been hacked, but how does [...]

Read More »

My first blocked number in Google Voice.

Today I received my first piece of spam in Google Voice. At first I was really PISSED-OFF but then a feeling of serenity passed over my whole body as I noticed the “block” button. Slowly and cautiously I clicked it, making my day THAT MUCH better. Just knowing that I will no longer be getting [...]

Read More »

3500 Netflix on Linux petitions.

Currently you can not watch Netflix if you are a Linux user and all those new Ubuntu Netbook owners will not be watching Netflix anytime soon either. Watching movies online through Netflix is an awesome service, but worthless to Linux users. Netflix has chosen to only allow Windows and MAC users access to their online [...]

Read More »

Apple bans “android” from apps store.

Apples waving the ban stick around again, this time rejecting an educational iPhone app because it contained the word “Android”. The application? Flash of Genius: SAT Vocab 2.2, an iPhone app developed by Tim Novikof. The app did really well in the Android Developer Challenge that Google puts on and decided to mention that [...]

Read More »