Friday, April 8, 2011

Export your EFS certificate (Windows 2000/XP/Server 2003)

The Encrypting File System (EFS) provides an extra measure of protection for your sensitive data files, but sometimes EFS can be over-protective, keeping you out of your own files. If you should have to reinstall the operating system, you may not have access to the encrypted files you backed up to another disk.

That's because EFS uses a digital certificate to verify that you're really you, and even though you re-create your user account with the same name and password after the reinstall, it's not considered to be the same account because it doesn't have the same Security Identifier (SID). More importantly, when you wipe out the OS, you wipe out your EFS certificate.

To prevent this from happening, you should also back up (export) your EFS certificate with its private key and store it in a safe place. To back up your certificate, open the Certificates MMC (you may need to open an empty MMC by typing mmc in the Run box and then add the Certificates snap-in to it by selecting File | Add/Remove Snap-in | Add button). In the right pane, click the certificate that shows EFS as its Intended Purpose. Select Action | All Tasks | Export. The Certificate Export Wizard walks you through the steps. Be sure to select the option to export the private key, and enter a password to protect it.
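A backup exported without the private key cannot restore access to the files, so it is worth checking the exported .pfx before relying on it. The PowerShell script below is an added example, not part of the original post; it assumes a machine with PowerShell and the .NET Framework, and the file path and the function name Test-EfsBackup are placeholders chosen for illustration.

```powershell
# Added example: check that an exported EFS backup (.pfx) is usable.
param(
    [string]$PfxPath = 'E:\backup\efs-backup.pfx'   # placeholder path, adjust to your backup
)

$EfsOid = '1.3.6.1.4.1.311.10.3.4'   # Encrypting File System enhanced key usage

function Test-EfsBackup {
    param(
        [string]$Path,
        [System.Security.SecureString]$Password
    )
    if (-not (Test-Path $Path)) { throw "Backup file not found: $Path" }

    $flags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet
    try {
        # Opening the file fails if the password is wrong or the file is not a PFX.
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
            -ArgumentList $Path, $Password, $flags
    } catch {
        throw "Could not open ${Path}: $($_.Exception.Message)"
    }

    try {
        # Collect the enhanced key usage OIDs listed in the certificate.
        $usages = @($cert.Extensions |
            Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
            ForEach-Object { $_.EnhancedKeyUsages } |
            ForEach-Object { $_.Value })

        New-Object PSObject -Property @{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            NotAfter      = $cert.NotAfter
            HasPrivateKey = $cert.HasPrivateKey          # must be True for a restorable backup
            HasEfsUsage   = ($usages -contains $EfsOid)  # Intended Purpose includes EFS
        }
    } finally {
        $cert.Reset()   # release the certificate and its temporary key material
    }
}

$pw = Read-Host -AsSecureString "Password used in the Certificate Export Wizard"
$result = Test-EfsBackup -Path $PfxPath -Password $pw
$result | Format-List
if (-not ($result.HasPrivateKey -and $result.HasEfsUsage)) {
    Write-Warning "This file is not a complete EFS backup; export again with the private key."
}
```

Run the check against the copy in its final storage location, so that a damaged or truncated copy is caught as well.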
