Secure Private Folders Making Inaccessible and Undeletable

If you are so much worried about the data privacy at your local computer, you can lock them by using some password protection software. But personally, I don’t like to use any software unless I don’t have any alternative option. Here, in this article I’ll describe a simple technique to make any folder inaccessible and undeletable thus making the contained data private without using any password protection software.

At first, create a folder in some safe location at your local hard disk. It is wise to keep the folder into the ‘Program Files’ folder of your system root drive. Give any name for that folder. Putting a technical name would help to prevent anyone from guessing the folder’s confidentiality. Say, the name is ‘Private’. Keep all the files like text files, images, videos or any thing else that you want to make private into that folder.

Now, we’ll convert the folder ‘Private’ into inaccessible and undeletable form so that, nobody can get access to the content of that folder. The procedure is too easy. You can do it with a simple dos command in Windows command prompt.

How to make a folder Inaccessible and Undeletable

1. Open the command prompt in your system (Press Win key+R, type ‘cmd’ in the Run dialogue box and hit ‘Enter’).

2. Type the following syntax into the command prompt.

cacls <folder_name> /e /c /d %username%

For instance, the command should be like this:

cacls private /e /c /d %username%

It will make the folder ‘Private’ inaccessible as well as undeletable. If any body tries to open or delete the folder, the following messages will be shown.

When you want to open that folder for your own need, type the following syntax in the command prompt and hit the ‘Enter’ key from your keyboard.

cacls <folder_name> /e /c /g %username%:f

This will return the folder into its normal form. This trick works in Windows XP, Windows 7 and Windows vista as well. But, make sure that the file system is NTFS. Otherwise, this technique won’t work.

You might also like to read: Change Windows User Passwords From Command Prompt.


You might want to argue that hiding you personal files and folders could solve the problem. But, keep in your mind that almost every one who has a little knowledge in Windows can easily make the folders visible from the ‘Folder option’ in Windows explorer.

Related Posts


  1. Chaminda :

    I have successfully made the folder undeletable and inaccessible. Bur, OMG, I can’t make it accessible again. When I try it on the CMD it gives the message “access denied”. Advise.


    • ppr skp :

      . From Properties on that folder, select Security, click Advanced, select the Owner tab, select Administrators, check the “Replace owner on subcontainers” box, and click Apply. You can then select the Permissions tab and grant Administrators full-control, and Users-Modify access.

      Log off and back on as yourself – you should be able to CD to the old temp folder and create/delete files. Restore your original TEMP variable definition if you can access the personal temp location.

      NEVER play with CACLS using only the /G option, as that will remove all System access and permit only the account(s) you specify, requiring the steps above to be performed as an admin to recover access. IF you want to experiment with CACLS, use /E to edit the permissions and grant specific access to a different account. You can use runas to open a command window with alternate credentials and test access rights with little or no ill effects.


      • Irshad :

        Same problem for me. Now it’s solved. Thanks

  2. kris :

    hi when i tried the above mentioned command in my pc running on win7 i got the following message” No mapping between the account name and security id was done”.. tried it several times but i was not able to make the folder undeletable and inaccessible.. pls advice

  3. Tanmay :

    make sure that the user have the full access. As example an administrator account has the all privilege.

  4. Tanmay :

    It is not clear in what command are you facing the problem? The screen shots in this articles are from Win 7. So it is clear that it works well in Windows 7. You should specify the actual area of your problem so that I can help you. Feel free to share you problem.

  5. kris :

    when i type the following command “cacls private /e /c /d %username%” n press enter i get the following message in dos prompt ” no mapping between the account names and the security IDs was done”… i have created the folder on the desktop n tried this command n my file system is NTFS.. i have named the folder “private”

  6. Tanmay :

    it seems to be that your operating system have a problem. Are you the administrator of your system?

  7. kris :

    yeah i am the admin..

  8. kris :

    hi it works fine now:-) anyway thanku so much.. this is a wonderful site u got here, got lots of useful info.. keep up the good work buddy:-) looking forward for ur future posts.

  9. Tanmay :

    Thank you Kris. I’m happy to see that your problem is solved.

  10. Anil :


    The technique works fine but if anybody knows the data name inside this folder then he can directly access the data with run command. means if i have made the private folder unaccessible with this command and there is a folder named “One” inside private folder.
    then i can access the internal folder with the run command as C:……Privateone.

    We’ll be able to access the data and even if anybody searches in the parent folder of Private folder for the data type(like search for “*.dat”) which is contained in the Private folder then the results will contain the data from Private folder if any present of that type.

    And we can again easily access the search results of the unaccessible folder. So this technique is not full proof and don’t rely on it blindly.

    I tested it in Windows 7.

  11. Tanmay :

    You are quite right. If any body knows the exact name of your secret file then he can play with that. But this article has written on the virtue that your friend or any body does not know the file name but you want to prevent them to discover your secret file names when accessing data. It should not visible in the search results as the folder is not accessible for a specific user. It depends on user information in that computer. If there are more than one user then make the folder inaccessible for each user. However thank you for your investigation. Keep it on and let me know if you have any other query.

  12. gautam :

    hii i like it and it works on win 7 if you .
    i have an extra feature for this if you want to lock any folder in your computer in win7 then go to start then programs accessories then right click on the command prompt and run it as can lock any folder in computer.
    visit my blog

  13. bilal haider :

    I tried it successfuly. but its unsecure. :(
    any trick to secure it (lock it) from other users who have administrator rights too so that information is made unavailable in searches. like search “*.doc” etc. ?

  14. ajay :

    hey..its a good idea…but i cant make it accessible again :(
    please help me……….

    • Tanmay :

      Yes you can make it accessible by the command described in the article. But it is not possible to permanently make inaccessible the folder here. The folder can be made inaccessible for some user of your computer. Thank you for your comment.

  15. suprit :

    Hi… i m able to make all my folders accessible and inaccessible except 1. i made 1 already created folder name viedos-s inaccessible which contains some other files and folders. now i m unable to make it accessible again. please help… i have all privilages…..

  16. Tanmay :

    write the command properly. It should make it able to return in the normal form.

  17. vincent soko :

    to make things easy just create two batch files using note pad and name then as key and the other one as lock
    all you have to do is double click
    cacls /e /c /g %username%:f

    cacls /e /c /d %username%
    You can save it any were even in you flash drive

  18. vincent soko :

    to make things easy just create two batch files using note pad and name then as key and the other one as lock
    all you have to do is double click
    cacls (directory here) (folder name here ) /e /c /g %username%:f

    cacls (directory here) (folder name here )/e /c /d %username%
    You can save it any were even in you flash drive

  19. ramaraobobby :

    MSDOS indeed has powerful commands such as these to perform advanced tasks. This Access Control List (ACL) command is really of great use edit and display file permissions on NTFS partitions. This is one of the best ways I have ever known to make folders completely private. Thanks for sharing Tanmay….

  20. deepak :

    Can i make one private folder in external USB drive , so no one can access that folder in any system, without my permission
    Please advice

  21. Tanmay :

    @Deepak: This tutorial uses A DOS command Cacls which can be run only on NTFS file system. So if your external drive file system is NTFS then you can. But that is not more secured if you want to make inaccessible your folder by this method as your friend or any third party can know about the command. Then he/she can easily use the reverse command to access that. The best way is to password protect your folder. I wrote about that tutorial. Click here to visit

  22. utteb :

    It worked bu i am unable to access again.


  23. Tanmay :

    @Utteb: Just run the command cacls /e /c /g %username%:f. You should able to access the folder again.

  24. grouver :

    Thnks buddy it helps a lot I guess it works the same as secuKeeper but the difference is it cant be unlock with the same command which make it totally inaccessible any idea how it works?

    try adding this code inside your inaccessible folder:

    attrib +s +h *.* /s /d (save as anyname.bat to hide everything)
    attrib -s -h *.* /s /d (to undo the effect)

    it helps to prevent locating the files on command prompt.

  25. grouver :

    I forgot the bat files you created will not be excluded try adding additional line example the bat file I created name hide.bat

    attrib +s +h *.* /s /d
    attrib -s -h hide.bat

    thanks again..

  26. Grouver :

    Hey I got problem regarding the code I cant access it even typing the correct command I got denied many times I successfully turn the other programs and folders to their original attributes except the 3 software I got

    Faronic_DFS (folder and deep freeze files contained inside)

    any idea why?

  27. Grouver :

    Thanks God I found a solution for this bug ^_^!
    for those who got the same error try searching SubInACL.exe
    hotfix from Microsoft.

    anyway thnxs again tanmay for sharing.. this is a very useful command… I hope you can share more tips with regards on bat files programing.

  28. Tanmay :

    Hi Grouver. Thanks for your appreciation. Any way you can also see another interesting post with batch file. Here it is

  29. Grouver :

    Thanks tanmay I’ve seen that post before. Good luck and keep-up the good work and If you want can try using editv32 to mask the password with asterisk, you can use that as substitute to set command on bat files and there are lots of options you can use. I also tried this on vista and it works.

  30. kamal :

    nice but with error
    it make my folder Inaccessible and Undeletable but when i delete the folder it delete the folder inside files

  31. kamal :

    when i type the following command “cacls private /e /c /d %username%” n press enter i get the following message in dos prompt ” no mapping between the account names and the security IDs was done” n i m the admin of my pc

  32. kamal :

    yaa thanks for help this is really a gud trick and helpful

  33. aijolee :

    Same PROBLEM! I am logged as Administrator but when I tried to undo my changes using your trick: cacls Filename /e /c /d %username%:c, I got a message saying:No mapping between account names

    • Tanmay :

      @aijolee: May be there is some problem with user accounts in your computer.

  34. phaw :

    not working on me, im running xp pro but i cant make it inaccessible

  35. Tanmay :

    Phaw: Make sure that your file system is NTFS or not. Also try to apply this trick as the administrator of your XP. Let me know if this solves your problem. Thanks for sharing with us.

  36. Udegbunam Chukwudi :

    Nice hack but I prefer doing stuff like this with a software. I’m using the free version of My LockBox and it works just fine for me 😉

  37. Tanmay :

    @Chukwudi: This is a tutorial for those who want to avoid extra software in their machine.

  38. Tom :

    If someone stole your hard drive, they could also easily access the data by putting it into their computer, then using the same “cacls” command to give them ownership over the folder.

    Or if the other users have Administrator rights, they could also use the “cacls” command to change the ownership.

  39. Tanmay :

    Yes Tom. You are right. This is not the ultimate way. But you can make your confidential mores secure by a simple trick.

  40. Tom :

    Hi this is great! but how can I make the folder undeletable but yet accessible please? I tried /g %username%:R C but that didn’t seem to work and giving actual “User” or “Domain” resulted in an error message saying “account names not mapped to security ID”

    Please help


  41. Tom :

    Also is there a way to password protect this atall? Would be great to see an article on password protecting USB flash drives, its folders, files …


  42. Tanmay :

    Tom: Frankly I also tried to do that but still not succeeded. Once I get any way will publish here.

    About password protecting a folder: You might find your answer here:

  43. Tanmay :

    Thanks Tom for the suggestion. I will definitely cover some article on password protecting USB drive. Keep reading.

  44. Lenincha :

    Hola Tanmay, me agrada el tema, pero mi consulta está en lo siguiente: para que me puedas sugerir, dime por favor como puedo hacer la operación en caso de que tengo en mi maquina instalado dos discos duros y un sistema operativo diferente en cada uno de ellos, ademas que para cada sistema existen de 4 a cinco usuarios incluido el administrador, por lo que es de suponerse que hay dos administradores como minimo en la PC, cual seria la sintaxis? para poder proteger correctamente una carpeta ubicada en el disco de otro sistema? .. Gracias de antemano …. Saludos

    “Hi Tanmay, I like the subject, but my query is as follows: that I can suggest, please tell me how I can do the operation if installed in my machine I have two hard drives and a different operating system on each of them, besides that for every system there are 4 to five users including the administrator, so it is assumed that two administrators at least in the PC, what would the syntax? to properly protect a folder on the disk of another system? .. Thanks in advance …. Greetings”

  45. Tanmay :

    @Lenincha: You can apply the command on any location. Just navigate to the folder location in that different hard disk from the command prompt. You can use cd command.
    This tutorial is based on Windows system and will not work for different OS.
    Thanks for your comment. Keep your reading at TechTipsGeek

  46. Shlesh :

    it worked while locking but it didnt worked while unlocking. what do i do. it worked for an empty folder so i locked my important files. nad its displaying access_denined. what do i do. please help…

  47. Tanmay :

    cacls /e /c /g %username%:f
    The above command should unlock the folder. If not, then please make sure that you are the admin user of your computer. If you are using windows 7, run the command prompt as administrator (type cmd in the start menu search box > right-click on “Command prompt” > click on “Run as administrator”). Then run the above unlocking command. Let me know if this solved your problem.

  48. chandu :

    Hi…when i’m trying to lock, it is showing error like this…

    cacls is not an internal or external command…
    wat can i do…?

  49. James :

    Hi I have locked the folder but how can I unlock it. I am using windows 7 and I have made the folder inaccessible to myself. How exactly do I use the administrator account?

  50. Tanmay :

    Run command prompt as administrator. You can do it by Start > All programs > Accessories > right-click on command prompt >Select Run as administrator. Then navigate to the folder location and type exactly the following command replacing with yours.
    /e /c /g %username%:f

  51. buhari4u :

    i use cacls foldername /E /P everyone:n to lock a folder,to unlock that folder i try f instead of n but it shows “Access denied”,i also tried with y instead of it also not working.pls help me to unlock the folder

  52. M Zia :

    sir is this option(to make folder inaccessible) only for NFTS or also for FAT32 thanks

  53. Tanmay :

    @M Zia: I have already mentioned that it works only on NTFS file system. However, thanks for your comment.

  54. Benjamin :

    Can I protect harddrive in win7 x64 so other users can view/read ONLY and not write, delete, copy datas to that drive

  55. jeff :

    i must say this is pretty stupid. Anyone with knowledge of security rights of ntfs will simply go to the security tab (in properties, it even tells you) and retake ownership/privieleges of the folder.

  56. Yahoo :

    This tip not used for FAT32….so made NTFS first….okay

  57. Jan :

    A word to the wise: This method is NOT secure.

    First, anybody knowing (or guessing) a file name can access it.
    Second, anybody with any knowledge about NTFS security (like, goning to the root of C: and typing CACLS * /T /G BUILTINusers:RW) can break it.
    Third, anybody booting your PC into a Linux CD/USB stick can access everything (as he will have full root/administrator access on the Linux OS, he can override your NTFS permissions).
    In effect, your method just *may* be good enough to keep your mom out of your image collection, but even your little sister could get in.

    If an attacker has physical access to your PC, only encryption can protect your data.
    I would strongly recommend installing TrueCrypt – it’s free, it uses strong encryption that’s likely to withstand even determined attackers with both knowledge and resources, and it’s open source – important in security software because it can be and has been reviewed by independent researchers.
    To be really safe against professional adversaries, you would need to encrypt the full hard disk so the encryption works before booting into Windows, but for 99% of the people out there an encrypted “virtual drive” is good enough. (Yes, an attacker may be able to stitch together some useful data from your page file, but this is way beyond most moms and little sisters).

  58. leonides :

    it can be easily access when u r using windows 7, just go to security tab then advanced to edit the permission.

  59. Ramesh :

    Hi, I tried this it works fine. Thanks for this post. If any way like this, to make the file be an undeletable?

  60. maddy :

    hi Tanmay bro i think u remember me.i tried this trick but its not working for me iam not clearly getting were to put space in command prompt so kindly help.iam using windows xp service pack 2

    thanks Regards

  61. maddy :

    tanmay iam getting that system cannot find the specified file bro

  62. Tanmay :

    @Maddy: I think you are doing mistake to specify the file path.

  63. maddy :

    tanmay iam using win xp kindly teach me as easiest as possible

  64. mudaser :

    hi tanmay
    i have locked the folder sucessfully,after that i have format the c: (drive),same NTFS(filesystem) is there before formating and after formating,now iam trying to unlock the folder but it is not working???… please help me

  65. Himalay :

    hello tanmay,
    its not working in my pc win7
    its showing error “Invalid parameter ‘admin'”
    now what i have to do??

  66. Tanmay :

    put %username% rather than admin when you are logged in with the admin user privilege.

  67. Asif Raza :

    i am using windows xp sp3 with ntfs file system and i am single user i donot know how to make my folder inaccessible on the desktop screen,i am the administrator of this computer but sometimes my friends can use this computer and i want to save my data from my friends, i wrote the command in command prompt as under
    c:Documents and SettingsAdministratorDesktopcacls one /e /c/ /d %Admin%
    because when i check my coputer’s properties it is registered to Admin so when i entered in the command prompt the following message appered no mapping between account names and security ids was done
    please guide me through my mail id is as under

  68. Asif Raza :

    i made a file inaccessible on desktop successfuly and reaccessible too but the problem in your command is that in windows 7 a kid can also delete it if he will press SHIFT+DELETE
    because if you want to delete it even in inaccessible mode just press shift+delete it will be removed permanently

  69. noha :

    hey tanmay sir,
    i locked my f drive using the following command
    ” cacls f: /e /p everyone:n ” and it got locked
    and then i opened cmd as administrator and then i tried to unlock my f: drive using the command ‘ cacls f: /e /p everyone:f ” but its not opening its saying acess denied.

  70. sureya :


    Even i got same probs as lik u , Noha i entered in command prompt as ” cacls e: /e /p everyone:n” i need to know the counter command of this so please help me

  71. saurabh :

    I have successfully made the folder undeletable and inaccessible. Bur, OMG, I can’t make it accessible again. When I try it on the CMD it gives the message “access denied”. Advise.

  72. yash :

    dude its nt working its showing no mapping between accounts and ids done o sumthing plz help

  73. Dina :

    hi, it didn’t work to me. can you help me?
    i confused about %username%, what exactly mean of it?

  74. john :

    Does this command work for shared files on a server ie windows server 2003?

  75. bhavya :

    can we make the folder private in any drive except c drive if we can how can we make actually ill make this but after unlock it will cant access

  76. ajay :

    is work for i’m usng win7…

  77. santosh :

    when i type the following command “cacls private /e /c /d %username%” n press enter i get the following message in dos prompt ” no mapping between the account names and the security IDs was done” n i m the admin of my pc

  78. Chechey :

    I can’t format my USB flash drive…

  79. akshay :

    If our folder is in our external hardrive i.e(pendrive) than what we will do to make it private

  80. irshad :

    hi it works well but i have locked some video files in d partision but when i m going to unlock it it says access denied pls help

  81. Adam :

    HELP cant unlock i use the cacls/e /c /g %username%:f command it says processed dirs but it is still locked! HELO

  82. sks :

    Your folder got locked?? Never mind there is an easy way to do it

    Select folder->Mouse right click->Properties->in that select “Security” tab-> In that click on “Edit Permissions” -> and then click on allow check boxes which is currently @ Deny.->that’s all you are done.

  83. hovasapian :

    I’m not that much of a online reader to be honest
    but your blogs really nice, keep it up! I’ll go ahead and bookmark your website to come back in the future. Many thanks

  84. Gideon :

    Thanks for the help ……now there is no need to download folder locker sofware

  85. john :

    Same problem that had done with many other users :
    No mapping between the account name and security id was done

  86. parag :

    Sir maine DOS through attrib command use karke folder hidden kiya tha but now any how I can’t access it… I used recovery software , winrar archieve but no results…I want that folder back

    • Tanmay Ahmed :

      Run this command properly: cacls /e /c /g %username%:f

      • Michael Dlone :

        you forgot about the foldername:
        cacls (Folder_Name) /e /c /g %username%:f

        • Tanmay Ahmed :

          Thanks Michael!

  87. parag :

    Tanmay..Please tell mi in detail…I can’t understand..there is a folder name IMP on D: drive how I access it..exactly what should I do..

  88. Tanmay Ahmed :

    At first tell me which command did you run?

  89. Avik :

    I tried this cacls /e /c /d %username% but it gives me cacls is obsolete use icacls.When I use icacls /e /c /d %usename% it gives invalid parameter avik.(where avik is the name of the user).should I need to have a administrative privilege for the same.

    • Michael Dlone :

      Try to use icacls (Your FolderName Here!)/deny SID:f. I think it must be worked well.

      • Haseeb :

        Can u make it like : There should be a password to make the folder accessible again ?

  90. Ricky Fisher :

    Works absolutely amazingly

    Thanks so much :3

Leave a Comment

Your email address will not be published. Required fields are marked *