Windows has native support for file encryption. This is called Encrypting File System or EFS in short. This post explains how to use the command
cipher.exe to encrypt files and directories from Windows command line.
To encrypt files from command line
To perform encryption on a single file you can run the below command.
cipher /A /E filename
To perform encryption on a list of files:
cipher /A /E filename1 filename2 filename3
To decrypt a file
cipher /D fileName
By encrypting a folder we can make sure that all the files that will be added to the same folder in future will be automatically encrypted.
To encrypt a directory we can run the below command.
cipher /E directoryPath
To encrypt all the files in a folder:
Cipher command accepts wild cards. So we can run the below command to encrypt all the files in a folder.
cipher /E directoryPath*
For example to encrypt all the files in the folder E:docs, the command would be as below.
cipher /E E:docs*
Encrypt a folder including all subfolders:
We can add /S switch to perform encryption recursively on each of the sub folders.
cipher /E /S:directoryPath
Note that this command does not encrypt the existing files in the folder and its sub-folders. Only the files that will be added now on wards will be encrypted.
To encrypt folder and files:
Encrypt a folder and all the files and sub-folders in that directory.
cipher /A /E / S:directoryPath
To decrypt files and folder:
cipher /D filename
The commands for file/folder decryption are similar to the ones mentioned in the above cases. You just need to replace /E with /D.
EFS Vs BitLocker
Here’s a good article that talks about how EFS and Bitlocker encryptions work. In short, one can still use EFS even if the drive is encrypted using BitLocker. So if someone wants to opt out of Bitlocker but wants to encrypt selected files/folders, EFS & cipher are the right tools to look for(But I wonder what kind of use case would have such requirement).
For EFS supported editions and other information check out this post Encrypting File System supported editions in Windows.
thank you very much for solution
I run cipher /e and cipher /d message that c encrypted received.
now I wanna ignore this command and restore to before-done this command
I run cipher /e filename command. I got error message “The request is not supported”. I have tried a lot. But I am unable to recover this error. Can u help me?
Does this not require a PKI environment with Auto Enrollment enabled? Or is it doing its own signing?
but the encrypted file is still can be opened just like a normal / unencrypted files.
my all file is effected by above id.
pls tell me how to recovery my injurious file
I’ve tried these commands and get an error message stating “The Request Is Not Supported”. Does this mean my computer can’t run cipher?