Microsoft’s Private Folder 1.0 lets users store files in an
encrypted, password-protected folder.

“Microsoft Private Folder 1.0 is a useful tool for you

to protect your private data when your friends, colleagues, kids or other

people share your PC or account. With this tool, you will get one password

protected folder called ‘My Private Folder’ in your account to save your

personal files,” Microsoft said on its Web site.

To use Private Folder 1.0, users must be running Windows

XP Home Edition, Professional Edition or Media Center Edition with SP2. Users

must also run their machines through Microsoft’s antipiracy system the Windows

Genuine Advantage program (WGA).

But is such an easily installed, unrecoverable,

password-protect folder a benefit or hazard? As an former college professor of

mine said, “it depends”.

Private Folder 1.0 isn’t Microsoft’s first encryption offering.


Encrypting File System (EFS) gives Windows 2000 and Windows XP users the

ability to secure folders on NTFS volumes. This can be a handy tool for the

advanced Windows user, but the average user can have trouble configuring and

effectively using EFS. Third-party encryption applications are also available,

but uses may not know how to find them or still have difficultly configuring

them. For novice users, Private Folder 1.0 seems like a good option—until

he/she forgets the password.

My first problem with Private Folder 1.0 is its lack of a

recovery mechanism. Unlike EFS’ Encrypted Recovery

Agent (ERA), Microsoft Private Folder provides no mechanism to retrieve

encrypted data if the password is lost or forgotten.

My second problem is more a policy concern. Organizational

users shouldn’t be encrypting corporate or institutional data without express

permission. And they shouldn’t use a method with no recovery mechanism—see my

first problem. What happens with the user leaves the organization and forgets

to share their password or forgets their password and has placed critical files

in the private folder?

For a more complete description and detailed look at Private

Folder 1.0, check out this

comprehensive screenshot gallery. It has over 30 images that show the

installation process, Private Folder in action, and what happens with you

uninstall the application.

Overall, I like the idea of Microsoft Private Folder 1.0,

but think the implementation needs work. Microsoft would go along way toward easing

my, and I believe many other IT pros, concerns by adding recovery and/or

administration mechanisms.