CIPHER

Displays or alters the encryption of directories [files] on NTFS partitions.

CIPHER /?

CIPHER [/E | /D] [/S:dir] [/A] [/I] [/F] [/Q] [/H] [/K] [/U [/N]] [pathname [...]] | /R:pathname_noextension | /W:pathname | /X[:pathname] path_without_extension

Displays the encryption state of the current directory and any files it contains:

CIPHER

pathname (NT2000)

Specifies a pattern, file or directory.

You may use multiple directory names and wildcards. You must put spaces between multiple parameters.

/? (NTXP)

Display help.

/A (NT2000)

Operation for files as well as directories. The encrypted file could become decrypted when it is modified if the parent directory is not encrypted. It is recommended that you encrypt the file and the parent directory.

/D (NT4)

Decrypts the specified directories. Directories will be marked so that files added afterward will not be encrypted.

/E (NT2000)

Encrypts the specified directories. Directories will be marked so that files added afterward will be encrypted.

/F (NT2000)

Forces the encryption operation on all specified objects, even those which are already encrypted. Already-encrypted objects are skipped by default.

/H (NT2000)

Displays files with the hidden or system attributes. These files are omitted by default.

/I (NT2000)

Continues performing the specified operation even after errors have occurred. By default, CIPHER stops when an error is encountered.

/K (NT2000)

Create new file encryption key for the user running CIPHER. If this option is chosen, all the other options will be ignored.

/N (NTXP)

Prevents keys from being updated. Use this option to find all of the encrypted files on the local drives. This option only works with /u.

/Q (NT2000)

Reports only the most essential information.

/R:pathname_noextension (NTXP)

Generates a new recovery agent certificate and private key, and then writes them to files with the file name specified in pathname_noextension. If you use this option, cipher ignores all of the other options.

/S:dir (NT2000)

Performs the specified operation on directories in the given directory and all subdirectories.

/U (NTXP)

Updates the user's file encryption key or recovery agent's key to the current ones in all of the encrypted files on local drives (that is, if the keys have been changed). This option only works with /n.

/W:pathname (NTXP)

Removes data on unused portions of a volume. PathName can indicate any directory on the desired volume. If you use this option, cipher ignores all of the other options.

Removes data from portions of the volume it can access and have not been allocated to files or directories. It does not lock the drive, so other programs can obtain space on the drive, which cipher cannot erase. Because this option writes to a large portion of the hard volume, it might take a long time to complete and should only be used when necessary.

/X[:pathname] path_without_extension (NT2003)

Identifies the certificates and private keys used by EFS for the currently logged on user and backs them up to a file. If PathName is provided, the certificate used to encrypt the file specified are backed up. Otherwise, the user's current EFS certificate and keys will be backed up. The certificates and private keys are written to a file name specified by path_without_extension and are given the file name extension .pfx. If you use this option, cipher ignores all of the other options.

none.

Encrypting or decrypting files: To prevent an encrypted file from becoming decrypted when it is modified, it is recommended that you encrypt both the file and the folder in which it resides.

Using read-only files and folders: Cipher cannot encrypt files that are marked as read-only.

none.

none.

External

DOS

none

Windows

none

Windows NT

NT2000 NTXP NT2003