How to use Microsoft’s Cipher

Microsoft’s Cipher leverages Windows’ built-in encryption features to protect sensitive data and improve security. Microsoft’s Cipher is a command-line tool named cipher.exe that is part of the Windows operating system and is used for managing file encryption and secure data handling.

What Microsoft’s Cipher can do
[1] Encrypts and decrypts files and folders
It interacts with the Encrypting File System (EFS) on NTFS drives to encrypt or decrypt data at the filesystem level. You can tell it to mark files or directories so that Windows.
- Encrypt a single file: cipher /e filename.txt
- Encrypt a folder: cipher /e C:\Path\To\Folder
- Encrypt a folder and all subfolders/files: cipher /e /s:C:\Path\To\Folder
- Decrypt a single file: cipher /d filename.txt
- Decrypt a folder: cipher /d C:\Path\To\Folder
- Decrypt a folder and all subfolders/files: cipher /e /s:C:\Path\To\Folder
[2] Shows encryption status
Running cipher without parameters will report which files in the current directory are encrypted and which are not.
- Check encryption status: cipher
[3] Overwrites deleted data securely
With the /w: option, cipher will securely overwrite (wipe) unused space on a drive. This makes previously deleted files much harder — or practically impossible — to recover using forensic tools.
[4] Manages EFS keys and recovery
The tool can create and manage encryption keys and recovery agents (for instance, generating certificates or adding/removing users who can decrypt data).

- Not advisable to use. If you do want to use it, please check Microsoft's own pages before doing so.

How to use to overwrite your data securely
To remove as much data as possible, please close all other applications while running Cipher.

- Type 'Windows' (key) + 'R'
- Type 'cmd'
- Type 'cipher /w:C:\' (this will wipe the free space so that deleted files can no longer be recovered.