Since Windows 2000, Microsoft has included an Encrypting File System built within the OS. This can be used to encrypt your important data using a series of keys.
The Windows 8 Encrypting File System (EFS) uses the Rivest Shamir Adleman (RSA) algorithm to encrypt files and folders that contain private information. To encrypt the data, EFS uses a series of keys, including the User Password, DPAPI Master Key, File Encryption Key (FEK or bulk symmetric key), and SYSKEY. These steps will show how to generate the file encryption certificate and key required to use EFS in Windows 8.
Prerequisite: If you’re using a Local Account instead of a Windows Live account, you must have a password set on your account.
Right click the Start Menu preview tile. Choose Control Panel.
Click User Accounts and Family Settings.
Click User Accounts.
In the User Accounts window, click Manage your file encryption certificates in the left menu.
The Encrypting File System wizard will launch. Click Next.
Make sure the Create a new certificate radio button is selected. Click Next.
Make sure the A self-signed certificate stored on my computer radio button is selected. Click Next.
Your certificate has now been created. You can view it by clicking the View certificate button. Now you need to back it up. Verify that the Back up the certificate and key now radio button is selected. Click Browse and browse to My Documents or wherever you would like to save the certificate backup file. Enter a password that you will remember into both boxes. Click Next.
If you don’t yet have any files with critical information that needs encrypting, check the I’ll update my encrypted files later checkbox. If you do, use the browser provided to find the files. Click Next.
Now that you’ve created the certificate, backed it up, and potentially encrypted your files, click Close.