Cipher command line tool in Windows 10/8/7

Cipher.exe is a built-in command line tool in the Windows operating system that can be used to encrypt or decrypt data on NTFS drives. This tool also lets to securely delete data by overwriting it.

Cipher command line tool

Cipher.exe command line tool

Whenever you create text files and encrypt them till such a time that the encryption process is completed, Windows will create a backup of the file, so that in case anything was to go wrong during the encryption process, the data would still be recoverable using this file. Once the encryption process is completed, the backup is deleted. But then again, this delete backup file can be recovered using data recovery software, until it is overwritten by other data.

When you use this built-in tool, it creates a temporary folder named EFSTMPWP on the system partition. It then more temporary files in that folder, and writes random data comprising of 0’s, 1’s and other random numbers to those files.

Cipher.exe thus allows you not only to encrypt and decrypt data but also to securely delete data. Thus, many use it to delete files permanently too.

To overwrite deleted data, one can use the  /w switch.

Open the WinX menu on your Windows 10 and select Command Prompt. Type the following and hit Enter:

cipher /w:driveletter:\foldername

Here you will have to specify the Drive letter and the Folder name or path.

Cipher can also be used to display or alter the encryption of folders and files. If it is used without parameters, it will display the encryption state of the current folder and any files it contains.

Cipher.exe switches

/?   : Displays help at the command prompt.

/e   : Encrypts the specified folders. Folders are marked so that files that are added to the folder later are encrypted too.

/d   : Decrypts the specified folders. Folders are marked so that files that are added to the folder later are encrypted too.

/w   : PathName – Removes data on unused portions of a volume. PathName can indicate any directory on the desired volume.

For a full list of Cipher command line switches and parameters, visit TechNet.

Due to the very nature of the tool, you are safe using it to securely delete data, as it will never overwrite your active files; it will only overwrite data which has been deleted by you.

Microsoft SysInternals also has a powerful tool that lets you delete files permanently. With the SDelete tool from Microsoft, which you can download for free, you can overwrite the contents of free space on your disk to prevent deleted or encrypted files from being recovered.

Posted by on , in Category Windows with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.