i have 100 gb worth folder which i have encrypted so other users can't see it using another OS. but i have only encrypted main folder not subfolders since it takes so many hours to complete. encrypting a single main folder was very quick but should that be enough to deny others accessing this folder?
Really,no one can confirm that,since nothing is 100% guaranteed.Nothing is perfect. Editlease Google it and you'll find some answers.
No Your system may already be compromised, if you have both efs components stored on disk (cer/pfx). In this case I suggest you get a fast USB Stick and move all files onto it. Disadvantage you have to plug in/unplug each time. Complete shutdown required so nothing resides in memory, all backup/filerecovery have to be deactivated .... If i were you i d start from scratch: 1) Install from Recov Agent ONLY cer (create a Recov Agent from a Windows which gets deleted having 2 files cer+pfx) 2) Write protect systOS em (Faronics, or MS), create DATA Partition separate 3) Create efs user by encrypting a tiny file, export both cer and pfx to a stick then reboot 4) Unprotect system, install/import user cer (only THAT), reboot protected 5) Before encrypting new files on DATA Partition import pfx on write-protected c:/, upon reboot it will be gone. In case of "error" use pfx from Recov Agent To my knowledge i doubt such a system can be easily "Cracked". But yes, there s a trade-off between convenience and security ... it all depends how sensitive your DATA is