- Encrypting File System (EFS) is a built-in encryption tool for Windows that encrypts files and folders on NTFS drives for the purpose of protecting them from unwanted access. EFS allows encryption and decryption of transparent files for user accounts using advanced, standard encryption algorithms. Any individual or application without the proper file encryption key cannot open any encrypted files and folders. Encryption is the most powerful protection that Windows provides to its users to secure their files and folders.
- This article will show you how to enable or disable NTFS file encryption for all users in Windows 7, Windows 8 and Windows 10.
- You need to login as an administrator to enable or disable NTFS file encryption.
- Note: If NTFS file encryption is disabled, recently encrypted files are still encrypted.
Enable or disable NTFS file encryption in Local Group Policy Editor
Note: Local Group Policy Editor is only available on Windows 7/8/10 Pro, Windows 7/8/10 Enterprise and Windows 10 Education editions.
All other versions can use the second way below.
- Step 1: Open Local Group Policy Editor.
- Step 2: In the left pane of Local Group Policy Editor, navigate to the location below.
Computer Configuration\Administrative Templates\System\Filesystem\NTFS
- Step 3: In the right pane of NTFS in the Local Group Policy Editor, double-click the policy Do not allow encryption on all NTFS volumes to edit it.
- Step 4: To enable NTFS file encryption, select Not Configured or Disabled, then click OK.
- Note: Not Configured is the default setting.
- To disable NTFS file encryption, select Enabled and click OK.
- Step 5: When finished, close Local Group Policy Editor.
- Step 6: Restart the computer to apply changes.