What type of encryption is used by the encrypting file system feature in windows?

Windows has a couple of strong built-in security tools that you can use anytime, but have you heard of the Encrypting File System (EFS) feature? Simply put, EFS is a tool that helps you easily encrypt all your Windows files and folders.

But what are the benefits of this tool, and how do you enable or disable it? Let’s find out.

What Are the Benefits of Using the Encrypting File System Feature?

Windows' EFS feature allows you to easily encrypt and decrypt files on your Windows NTFS drives. Once you’ve encrypted files with this tool, other people won’t be able to access them unless they have your password.

One of the tool’s advantages is that it allows you to encrypt a specific folder rather than the whole hard drive partition. Also, if you move a file to an EFS-encrypted folder, the file will automatically be encrypted.

And now we're up to speed with EFS, let’s take a look at how you can enable or disable this tool.

1. How to Enable or Disable EFS Using the Command Prompt

The Command Prompt is a critical Windows tool that you can use for various purposes. You can use it to configure various settings or troubleshoot system problems.

Let’s take a look at how the Command Prompt can help you enable the EFS tool:

1. Press Win + R to open the Run command dialog box.
2. Type CMD and press Ctrl + Shift + Enter to open an elevated Command Prompt.
3. To enable the EFS feature, type the following command and press Enter:

If you want to disable this tool, type the following command and press Enter:

2. How to Enable or Disable EFS Using the Local Group Policy Editor

The Local Group Policy Editor can also help you enable the EFS tool. However, this method will work if you’re using Windows 10 Pro, Enterprise, or Education versions. But if you have Windows 10 Home, you can try the various ways to open the Local Group Policy Editor.

Now, here’s how the Local Group Policy Editor can help you enable the EFS tool:

1. Press Win + R to open the Run command dialog box.
2. Type gpedit.msc and press Enter to open the Local Group Policy Editor.
3. Navigate to Computer Configuration > Administrative Templates > System > Filesystem > NTFS.
4. On the right-hand side pane, double-click on the Do not allow encryption on all NTFS volumes setting.

In the next window, select Not Configured or Disabled. Press Apply and then press OK to apply these changes.

If you’d like to disable the tool, open the NTFS settings as per the previous steps. Select the Enable option, press Apply, and then press OK. Finally, restart your PC to apply the changes.

3. How to Enable or Disable EFS via the Local Security Policy

The Local Security Policy is another reliable Windows tool. Here are the steps for enabling EFS via the Local Security Policy:

1. Press Win + R to open the Run command dialog box.
2. Type secpol.msc and press Enter to open the Local Security Policy.
3. Navigate to Security Settings and click the drop-down menu under Public Key Policies.
4. Right-click on Encrypting File System and select Properties.

In the next window, navigate to the General tab and select Allow under the File encryption using Encrypting File System (EFS) option. Press Apply and then press OK. Restart your system to apply the changes.

To disable the EFS tool, navigate to the Encrypting File System Properties window as per the previous steps. Select Not defined or Don’t allow, press Apply, and then press OK. Restart your PC when you finish.

4. How to Enable orDisable EFS Using Services

The services tool helps you configure various system settings with ease. In this case, we’ll show you how it can help you enable EFS.

1. To get started, press Win + R to open the Run command dialog box.
2. Type services.msc and press Enter.
3. In the next window, scroll down and double-click on the Encrypting File System (EFS) option.

Click the drop-down menu next to the Startup type option and select Automatic. Click Apply and then click OK to save these changes. When you finish, press the Start button below Service status.

To disable EFS, open the Services settings as per the previous steps. Select the Disabled option on the Startup type drop-down menu. Press Apply and press OK to apply these changes.

5. How to Enable or Disable EFS Using the Registry Editor

You can also enable or disable EFS using the Registry Editor. However, this will require making some changes to critical registry keys. So, you might want to consider backing up the Registry before proceeding.

Otherwise, here’s how you can enable or disable EFS via the Registry Editor:

1. Press Win + R to open the Run command dialog box.
2. Type Regedit and press OK to open the Registry Editor.
3. Navigate to Computer > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Policies.
4. Right-click on any empty space on the right-hand side and select New > DWORD (32-bit) Value.

Name the DWORD value as NtfsDisableEncryption and press Enter. To enable EFS, double-click the NtfsDisableEncryption value, set its Value data to 0, and press OK.

To disable EFS, double-click the NtfsDisableEncryption value, set its Value data to 1, and press OK.

How to Encrypt or Decrypt Files and Folders With EFS

You now know how to enable or disable the EFS tool on a Windows device. But how do you encrypt your files and folders with this tool? Let’s find out.

1. Press Win + E to launch File Explorer.
2. Right-click on a file or folder and click Properties.
3. Click the Advanced button in the next window.
4. Chek the Encrypt contents to secure data box and click the OK button.

In the pop-up window, select either the Apply changes to this folder only or Apply changes to this folder, subfolders, and files option. Press OK when you finish.

Restart your PC to apply these changes.

If you want to decrypt your files, navigate to the Properties window as per the previous steps. Click the Advanced button and uncheck the Encrypt contents to secure data box. Click OK to finalize the process.

Protect Your Files With the Windows Encrypting File System

If you’re looking for a quick way to encrypt your Windows files, try the Encrypting File System feature. The tool is free and quite easy to use. To enable or disable it, simply apply the tips we’ve provided.

But if you want sophisticated file encryption tools, you can try other third-party apps like BitLocker.