Windows 7 Backup Encryption and Your File Encryption Key

You will learn Windows 7 backup encryption workarounds and fixes the encryption problem that plagues many people - "Backup your file encryption key".

by Ivy Published on December 17, 2024

by Ivy Updated on October 29, 2024

Share this:

The case

User case 1: 

"Hi, I am using Windows 7 Ultimate. I am using Windows 7 Backup to backup my data to my USB thumb drive. It backups fine, but I want to know if I can encrypt the backup too with Windows 7. Can it?"

User case 2: 

“I recently installed Windows 7 ultimate on my PC. After setting up my PC I was prompted by a popup to backup my encryption keys, to my surprise, I hadn't used any drive/file encryption tool. I thought my system was compromised, and thus, began searching for what could have caused this action. 

I came to know about the cipher command on this forum and gave it a try to find out if there were any folders/ files that have been encrypted recently, but the tool shows nothing (I am attaching a screenshot of my command prompt).”

Encrypting files are the best way if you don't want to disclose your personal data, but sometimes users report that they are asked to backup your file encryption certificate and key in Windows 7, just like in the two cases above.

 Don't worry about it too much and I'll show you workarounds for Windows 7 backup encryption and solutions to Windows 7 backup your files encryption key.

Can I perform Windows 7 backup encryption?

Disappointingly, the two Windows 7 backup software: Backup and Restore and File History does not provide you a way to encrypt the Windows image backup.

In this case, you can choose to directly encrypt backup image with third-party file backup software. And you can also encrypt the entire disk with BitLocker Drive Encryption if you are not minding sudden data loss due to a system crash or disk failure. 

Encrypt backup image in Windows 7 with third-party software (Directly)

To perform Windows 7 backup encryption, you need the best encryption backup software - AOMEI Backupper Professional. Using it you can not only simply encrypt backup image, but also customize password you can easily remember. No one knows it unless you tell them. And you can enjoy the following advantages:

Encrypt backup automatically whether you want to backup system, disk, partition or files, you can use daily, weekly, monthly, event triggers or USB plug in feature. 
Backup only changed files with incremental backup or different backup. 
Always keep enough space for new backups by deleting old backup images with one of the automatic backup cleanup methods. 
Backup and encrypt image files without booting into Windows: It allows you to create bootable media or recovery environment. Both of them help you boot the computer and backup and encrypt image file in the recovery environment. 

To get started, please download this software now! It supports Windows 11/10/8.1/8/7/XP and Vista (all 32-bit and 64-bit versions). For server users, try AOMEI Backupper Server.

Download Free TrialWin 11/10/8.1/8/7/XP
Secure Download

To show you how to create Windows 7 system backup and encrypt the Windows 7 backup, just refer to the following steps:

Step 1. Perform the encryption backup software - AOMEI Backupoper, choose Backup > System Backup.

Step 2. Choose a destination for Windows 7 system image file, and customize Task Name if required.

Step 3. Click Options > Enable encryption for backups at the General tab. Input the passwords twice and click OK. You can also split, compress, comment, use VSS, enable email or SMS notification, and so on.

 

Step 4. Except for backup options, you can set schedule backup and backup scheme to run this task automatically and worry-free. 

✿ Schedule Backup: It allows you to automatically backup system on a regular basis (Daily, Weekly, Monthly), or use Event triggers and USB plug-in feature. The last one is recommended if your target drive is USB and don't want to make it always connected. 

Backup SchemeIt mainly consists of 3 backup methods (Full or Incremental or Differential Backup )and 3 cleanup methods. The last two backup methods backup only changed files and all the cleanup methods delete old backup image automatically. If the backup drive is relitive small, it can help you solve your urgent needs for backup.

Step 5. Press Start Backup >> to create Windows 7 system image and perform Windows 7 backup encryption.

Encrypt entire backup drive in Windows 7 with Bitlocker Drive Encryption

Step 1. Input bitlocker in Windows 7 search box and choose Manage BitLocker.

Step 2. Find the drive that contains the Windows 7 backup and expand it, click Turn BitLocker on.

Step 3. Input your passwords, and click Next.

Step 4. Choose a destination to save the BitLocker Recovery Key, and click Next.

Step 5.  Then follow the on-screen guide to set up, and press Start Encrypting to encrypt the drive that contains Windows 7 backup.

 

Solutions to Backup Your File Encryption Certificate and Key Issue

The Encrypting File System (aka EFS) is a Windows built-in encryption tool to encrypt your files and folder in NTFS file systems. So, only if you have enabled the EFS encryption, you may receive the prompt - "Back up your file encryption certificate and key". 

And this usually happens after the first time you encrypt a file or folder or manually create a new key using the Cipher command. In this case, click Back up now (recommended) on the window to protect your file encryption certificate and key. 

If you don't use EFS to encrypt your files or folders but still receive this prompt, it is possible that third-party software or malware has enabled EFS encryption and is trying to encrypt your files. In this case, you can choose to find the encrypted files and then decrypt it or directly delete the certificate if you don't find any encrypted files. 

Way 1: Decrypt the encrypted files in Windows 7

Step 1. Type cmd in the search box and select Run as administrator.

Step 2. Type the following command and press Enter to find all encrypted files (including the hidden files). 

cipher /u /h > %UserProfile%\Desktop\Encrypted-Files.txt

Step 3. Navigate to your desktop and open the "Encrypted-Files.txt" in Notepad, you will see  a list of the encrypted files. 

Step 4. Right-click the encrypted file or folder and change its File ownership to Personal. After decryption, the padlock will be removed, you can easily backup files without such notification.

Way 2: Delete certificate key to undo this prompt 

Step 1. Input certmgr.msc into search box, press Enter to open Certificate Management window.

Step 2. Expand Personal > Certificates > Choose the certificate and delete it. Do the same for Trusted People.

Step 3. After that, reboot the computer to take effect.

Summary

Although Microsoft does not provides you a way to perform Windows 7 backup encryption, you still can other workarounds to encrypt backup image or entire disk. I prefer the third-party tool in this article, since it not only help you encrypt backup image, but also have many useful features, such as, schedule backup, backup scheme, etc.

In addition, you still can use it to upgrade HDD to SSD for quick system and data migration. And you can also sync files in real-time if you modify files very frequently. All in all, it's worth trying software!

Ivy · Editor
Ivy is an editor of AOMEI Technology, she covers backup & restore,hard disk & partitions management and cloud files transfer and so on for AOMEI. She is an outgoing girl and enjoys helping people find solutions to their problems. She loves traveling, eating, reading and so on. She usually hangs out with friends at her leisure time.