Good afternoon everyone,

What I like to do is lock some of my sensitive files using the windows EFS
encryption so that if someone were to steal my computer and somehow hack the
password into my account, they still would not be able to read the files.

If I were to:

1. encrypt the files
2. then export the "encrypting file system" certificate from the certificate
manager (in the personal folder) to a thumb drive (and a backup drive).
3. delete the certificate managers copy
4. Every time I want to access the files, I plug the thumb drive in, and use
it to decrypt the files.

Is this a good way to do it ? Any red flags here ?

Thanks for your time and help

Peter