7

I'm running Windows 7 Professional.

Is there any way to make a user's directory (anything under C:\Users\Foo) encrypted? I'm looking for something like Apple's FileVault feature.

When I login as an administrator and attempt to access a standard user account's files, I can access them without having to enter any password. This means that standard user accounts are not encrypted by default. I'd prefer to use a standard user account but am willing to use an Administrator account if it's the only way.

One important thing to realize is that I'm not simply looking for a solution that prevents access to the folder. I'm looking for a solution that actually encrypts the hard drive such that if someone were to plug in that hard drive to another computer, they wouldn't be able to access the user's folder's content. Additionally, the encryption algorithm should be fairly secure and not use an old/weak algorithm. The solution doesn't have to encrypt the entire hard drive, just anything under the user's folder.

Improve this question

2 Answers 2

Reset to default
5

There is encryption built into NTFS. Just right-click on the folder you want to encrypt, go to Properties, Advanced and choose "Encrypt contents to secure data".

See this for more detail instructions: http://mintywhite.com/windows-7/7security/encrypt-files-hard-drive-windows-vistaseven/

Improve this answer
3
  • 2
    Make sure you don't accidentally encrypt the decryption key itself. In Windows XP, they're kept in %APPDATA%\Microsoft\SystemCertificates. Make a backup of your EFS key just in case; if things go wrong, it can be imported to another account for decryption.
    – grawity_u1686
    Commented Feb 12, 2011 at 20:58
  • @grawity I just tested on Windows 7, and it is actually not possible to encrypt that folder. I get a generic "Access denied" error if I try. I enabled encryption on my home folder, skipped the folders I was not allowed to encrypt when prompted, rebooted, and everything works as usual.
    – Zero3
    Commented Jun 26, 2016 at 12:52
  • 1
    I found that Chrome needs ...\AppData\Local\Temp unencrypted in order to update though. Likely because the update process wants to run an executable from there using another user account.
    – Zero3
    Commented Jun 26, 2016 at 13:36
1

What your trying to accomplish (not being able to see files if the drive is slaved) is best handled by a full disk encryption. BitLocker is built into your version of 7, why not just use that?

This way you don't have the make the assumption that only files within the profile are worth encrypting as its possible for important data to end up elsewhere on the disk.

Improve this answer
2
  • 2
    According to this comparison chart, BitLocker is only supported in the Ultimate version.
    – Senseful
    Commented Feb 12, 2011 at 17:41
  • I should have checked before I responded then, too bad as it would fit the bill. An Any Time Upgrade from Pro to Ultimate shouldn't be too expensive, something to think about.
    – edusysadmin
    Commented Feb 13, 2011 at 4:55

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .