U-Tools: Unique Tools for Windows System Administrators
U-Move Help

Encrypting the Backup

The backup snapshot file (.BKF) contains a snapshot of Active Directory. It that includes sensitive data such as user logon passwords. To help protect the .BKF file U-Move will offer to encrypt it with a secret passphrase.

Recommended: Always encrypt the .BKF file with a secret passphrase

U-Tools recommends that you always encrypt the .BKF snapshot file. You will be prompted to choose a secret passphrase to encrypt the file. If you wish, you can leave the passphrase blank to skip the encryption step (not recommended).

When you load the .BKF file on the destination computer, you will be prompted to re-enter the same secret passphrase to decrypt the file. U-Move will refuse to proceed if the passphrase does not match.

Encryption: High performance on modern processors

U-Move will use fast AES-NI machine instructions on Intel processors (available since 2011) and on AMD processors (available since 2013) when encrypting the .BKF file. When using these hardware machine instructions there should be no measurable delay in the backup performance compared to backing up Active Directory without encryption.

See Intel(r) Data Protection technology with AES-NI and Secure Key.