Share via

I can’t access some files on my external hard drive.they show a padlock icon.

Gayana Roshan 0 Reputation points
2026-03-15T05:13:20.2433333+00:00

I can’t open some files on my external hard drive. they show a padlock icon. About four years ago I encrypted those files and got an encryption key. After my previous laptop was critically damaged, I bought a new one and transferred the data, but I lost the original local user account in the process. On the old laptop I could still open the files despite the padlock icons, but now I no longer have access even if i have the encryption key & the certification with me. I don't know exactly how to use it.

Windows for home | Windows 11 | Security and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lychee-Ng 17,125 Reputation points Microsoft External Staff Moderator
    2026-03-16T08:02:36.2266667+00:00

    Hi Gayana Roshan,

    I understand how frustrating this is, especially when you know the files are yours and you still have the key and certificate. Based on what you described, the padlock icon on individual files/folders strongly points to EFS (Encrypting File System):

    • EFS encryption is tied to the original Windows user account’s certificate
    • When that account was lost, Windows no longer trusts the files.

    Having the EFS certificate and private key is the only valid recovery option. If you still have that combo, the files may still be recoverable. So if you found it, import the EFS certificate on your current Windows 11 PC:

    1. Sign in using the account you want to access the files with
    2. The certificate file is usually .pfx or .p12 > double-click to open
    3. Choose Current User when prompted > follow the Certificate Import Wizard
    4. Enter the certificate password and accept all defaults when prompted > Complete
    5. Sign out and sign back in > Reconnect the external drive and try opening the files again

    However, please note that if you can't access the certificate file, or it does not contain the private key, there is no supported way to recover EFS‑encrypted files. Microsoft cannot regenerate or bypass these keys by design. If the certificate is only a .cer without the private key, it will not work.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Q&A Assist
    2026-03-15T05:13:38.66+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The padlock icon indicates the files are encrypted and tied to encryption keys that were stored with the original Windows user profile or device. After moving to a new PC and losing that original local account, the new system no longer has the keys needed to decrypt those files.

    On Windows 10/11 there are three common protection mechanisms that can cause this behavior:

    1. BitLocker Drive Encryption (full‑drive or volume encryption)
    2. Windows Information Protection (work/school data protection)
    3. EFS (Encrypting File System) per‑file encryption

    From the available information, the situation matches the general pattern where encryption keys are no longer available on the new device:

    • For BitLocker: If the BitLocker recovery key is not stored in the Microsoft account, printed, saved, or otherwise backed up, it cannot be retrieved by anyone, including Microsoft support. In that case, the only option is to erase/reinstall the drive, which causes data loss.
    • For Windows Information Protection (work files): If the files were encrypted as work data, access requires the organization’s encryption keys. If the OS was reinstalled or the device is no longer joined to the organization and the keys are not present, only the organization’s IT admin/help desk can restore access. Without those keys, the files cannot be opened.

    The context explicitly states for work‑protected data:

    “You might see this message on your work PC… It means you can't open one or more work files because the encryption keys are not available. This scenario typically happens if the operating system partition is wiped and work files are stored on another partition or drive. To restore access to your work files, you must contact your IT administrator or your organization's help desk.”

    And for BitLocker:

    “Unfortunately, if the key isn’t available in any of these places, it can’t be retrieved by anyone, not even Microsoft support. BitLocker is designed to protect your data through encryption, and without the recovery key, it can’t be bypassed.”

    Given that the original local user profile (which held the encryption keys) is lost and only a certificate/key file remains whose usage is unclear, the only supported recovery path is:

    1. Identify what type of encryption is in use (BitLocker full‑drive, work protection, or per‑file encryption) and where the recovery key(s) are stored.
    2. If the files are work‑protected, contact the organization’s IT admin/help desk to restore the encryption keys.
    3. If the files are BitLocker‑protected and no valid BitLocker recovery key can be found in any of the documented locations, the data cannot be decrypted.

    If no valid, usable recovery key or organizational key is available, there is no supported way to regain access to those encrypted files.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.