File encryption (AxCrypt)

By encrypting files they are no longer readable without the unique key or password, which keeps the information locked for others who don't have access to the key or password. But be careful applying encryption: when the unique key or password is lost, the files can no longer be decrypted!

Encrypting an e-mail attachment
It is safer to encrypt confidential files before they are send by e-mail because there is a risk the e-mail is read by someone who picked up the e-mail before it was delivered. It is possible that the e-mail is read by someone else because the password of the mailbox is known by others. For these reasons, it is better to encrypt the confidential files to make sure they can't be read by someone you don't know or someone you don't want to read the attachment.

TIP: Especially when a big confidential file is send with a service like, it is wise first to encrypt it. Also think of encrypting files which are carried on an USB-stick!

Using AxCrypt for encryption
The free tool AxCrypt (download: uses two different ways to encrypt a file: using a password (passphrase) or a key-file. Because AxCrypt is integrated in the Windows Explorer, encrypting is done easily by right clicking a file and to select AxCrypt.

AxCrypt: encryption and decryption of files

The first option (Encrypt) encrypts the file by replacing it (the file extension of the original file is changed to AXX). Because the original file is overwritten, there is a risk that the file can not be restored in case something went wrong while encrypting the file. For this reason it is better to use the second option (Encrypt a copy) to create an encrypted copy (with the file extension AXX as well) of the original file. The third option encrypts a copy of the original file to an executable file (EXE). When this encrypted EXE file is send by e-mail doesn't have to install the program, the passphrase is enough to decrypt the file. When the receiving person has installed the program (and has received the key-file), it is better to use the option Encrypt a copy. The encrypted file will be a lot smaller then the original, which makes zipping no longer needed. Encrypting files this way, makes exchanging file a lot safer!

TIP: When the original file is overwritten with AxCrypt and the passphrase of key-file is lost, the file can no longer be decrypted. Furthermore, it is wise to save a copy of the installation files! When the website is no longer online after reinstalling Windows, decrypting the files is no longer possible!

ATTENTION: The security rules of Outlook Express (XP), Windows Mail (Vista) and Outlook make it difficult (almost impossible) to open attached executable files (EXE). To get access to the executable file in Outlook Express and Windows Mail, click the button to forward the e-mail. This work around does not work for Outlook but getting access to the unsecure attachments is done easily with the free add-on Outlook Attachment Options (download: This add-on is available in Outlook: Tools, Options, tab Attachment Security & Options. For security reasons it is wise to use this option only when the attached files are secure for sure.

The Windows Encrypted File System (EFS)
Both Windows XP Pro and Windows Vista are able to encrypt files as well. This encryption method is known as Encrypted File System (EFS) and is only available for partitions with the NTFS file system. Encrypting a file with EFS is done by right clicking it and to select Properties, button Advanced, and to activate the option Encrypt contents to secure data.

Windows Encrypted Filesystem (EFS)

Decrypting the files can only be done with the same user account which encrypted the files. As long as the user account can be logged on, access to the encrypted files is still possible. Because the same user account is needed to decrypt the files, there is a risk of loosing your data in case the user account is no longer accessible. So, be careful applying EFS, before you know your files can no longer be accessed!

Copying the unique Encrypted File System-key to a safe location
By saving the unique EFS-key to a disk or USB-stick, the encrypted files can be read later on using a different computer or user account. Saving the key is done in the Internet Explorer, Tools, Internet Options, tab Content, button Certificates, tab Personal or by the sub User Accounts in the Control Panel, task Manage your file encryption certificates (Windows Vista). Save the certificate to a safe location, which is not 'encrypted' ;-).

Alternative free encryption tools

Windows 7
Windows Vista
Windows XP
AVG antivirus
Comodo Internet Security
Back-up/file Sync
Free software
Wireless network
Sharing files
Installing Windows in 10 steps
Backup data/drivers
Resizing partitions
Move personal files

2001-2016 - - SchoonePC - Rotterdam - The Netherlands