Windows 2000 includes Cipher.exe, a command line tool to manage encryption using EFS ( Encrypting File System).
A newer version (June 2001) of the tool provides the ability to permanently overwrite (or "wipe") all of the deleted data on a hard disk. This improves security by ensuring that even if an attacker gains complete physical control of a Windows 2000 computer, they would be unable to recover previously-deleted data.
NOTE: You MUST install Cipher.exe by using the installer package instead of copying the new version of Cipher.exe to your computer. If you copy Cipher.exe file, it will likely destroy all the data on your disk.
NOTE: You MUST close all programs before your run Cipher.exe.
"Cipher.exe is not a cure-all that makes it safe to store sensitive data in a plain-text format. Although you can use this tool to remove sensitive data from a drive, if best practices are followed, such data would not normally be created on the drive. For additional information about these best practices, click the article number below to view the article in the Microsoft Knowledge Base:
To use Cipher.exe to overwrite all deallocated data:
1. Close all programs.
2. Open a CMD prompt and type:
cipher /w:<Path to Folder Name you Wish to Clean>
NOTE: See tip 2518 - The CIPHER command.
For additional information about EFS, search this site, and visit http://msdn.microsoft.com/library/periodic/period00/EFS.htm.
Download the appropriate file:
English (US):Q298009_W2K_SP3_x86_en.exe contains the following files:
Date Time Version Size Filename ------------------------------------------------------ May-30-2001 16:25 5.0.2195.3653 36,112 Cipher.exe May-26-2001 07:48 5.0.2195.3649 512,272 Ntfs.sysRelease Date: Tuesday, June 19, 2001