Key: HKLM\System\CurrentControlSet\Services\NTFS\EFS\Parameters Value name: EFSKCACHEPERIOD Value type: REG_DWORD Default value: 5 Minimum value: 2 Maximum value: 30 Description: The number of seconds the kernel will cache the session key for a user for a given file. The Kernel will not validate the user credentials during this cache period. This has the net effect of faster access to encrypted files that may be opened several times during a given time period. Cached session keys are stored in nonpaged pool memory. Increasing the value of EFSKCACHEPERIOD will result in higher usage of nonpaged pool memory. This increased nonpaged pool usage might cause problems for some machines, especially machines that are trusted for delegation for remote encryption. Key: HKLM\Software\Microsoft\Windows NT\CurrentVersion\EFS Value name: KeyCacheValidationPeriod Value type: REG_DWORD Default value: 3600 (1 hour) Minimum value: 60 Maximum value: 86400 (1 day) Description: The number of seconds that the user-mode component of EFS will cache a user's certificate chain. Adjusting the user mode cache validation time upwards will improve the performance of systems that use EFS operations frequently. When EFS operations are in use, processing time is needed for the system to obtain and validate the certificates and keys. This will significantly slow system performance if the user mode cache validation time is set too low. The higher the user mode cache validation setting, the less often the system validates; the lower the setting, the more often the system validates. If EFS security is a priority in your system, then you will want appropriate EFS credentials to be validated more frequently. For maximum security, the lowest setting will provide the most frequent validation.
Article ID: 278256 - Last Review: 01/12/2015 17:04:23 - Revision: 2.0