Secure data

Thankfully the vast majority of computer users don't have ANY secure data to worry about.

Forms of secure data include encrypted files and folders, and Internet Explorer form field data including passwords. Secure data must be backed up in a special way. Otherwise, in the event that the Windows operating system or logon user profile (that is privileged to access that secure data) is somehow corrupted or lost beyond repair, then that secure data will be essentially lost. So backing up just the raw data alone is not enough! A certificate or cryptographic key must also be backed up.

What is a "certificate"?

You can think of a "certificate" as a sort of key that allows you to open and access SECURE DATA such as encrypted folders and files, and Internet Explorer passwords. Certificate can only be exported (or backed up) while logged on as the user that is privileged to access their secure data.

How do I know if I have encrypted folders and files?

If you don't know how to encrypt files and folders, let alone what encrypted files are, then chances are you don't have any on your computer. To be safe, be sure to verify that nobody ELSE who uses your computer may have encrypted any files and folders.

By default Windows does not encrypt folders. Folders and / or files must be manually encrypted by a user. This is done by right clicking a folder, then selecting "properties", the clicking the "advanced" button from the "general" tab, then checking the box next to "encrypt contents to secure data", then clicking "OK" and then clicking "apply". Once encrypted, if more than one "user" logs on to the computer, then other users will NOT be able to access that encrypted folder. Encrypting folders often makes sense in work environments when you want to restrict access to sensitive data. The downside is that Windows' NTFS encryption is so secure that if a certificate or cryptographic key is not backed up and if the computer becomes fatally unbootable, then the encrypted data is pretty much lost for good.

Once encrypted, the text next to an encrypted folder turns green....

 

What are Internet Explorer passwords?

If you use the Internet Explorer browser to remember your user names and passwords that you use to log on to various web sites, this data is encrypted. Internet Exporer passwords are typically stored on your computer in a file called "FormData.ini". But don't bother trying to copy and move this file to a new computer, expecting to access your Internet Explorer passwords as you always did. Having just this file alone won't cut it. You must export a cryptographic key as well.

Internet Explorer can store and remember form field data such as user names and passwords that are required to log in to various web sites such as Facebook....

 

NOTES REGARDING BACKING UP SECURE DATA THROUGH RAW DATA BACKUP

Using the "raw data backup" method alone does not back up Internet Explorer passwords and/or certificates (if any) UNLESS the respective cryptographic key(s) were first exported.

 

If your computer is healthy enough to boot to the desktop, the command prompt can be used to back up encrypted files and folders by simply removing encryption attributes. However this method will NOT unencrypt Internet Explorer passwords and certificates. Ask for details.

 

CONCLUSION: If you have critical "secure data" such as encrypted folders & files, or Internet Explorer passwords then backing up a certificate or appropriate registry key(s) is a MUST!!!  If your hard drive fails, then even your backed up secure data will be essentially "unopenable" without the corresponding certificate or associated registry key.