Why? Because local data recovery will be that much harder, forcing people into online backups with Microsoft
OneDrive mysteriously moving and deleting your data without permission. BitLocker encrypting it without permission. What’s next?
What’s next?
We already got Windows taking timed snapshots, and ads in the Start Menu. I’m not sure I want to know.
You can avoid device encryption by using a local account.
But aren’t they also trying to do away with local accounts?
Yes, they constantly are pestering me to log into my Microsoft account.
Device encryption is designed to improve the security of Windows machines by automatically enabling BitLocker encryption on the Windows install drive and backing up the recovery key to a Microsoft account or Entra ID.
Once again, Microsoft is missing the importance of consent both in forcing the encryption and in not giving users a choice in who holds the keys to your data.
This is going to suck for a lot of people. I’m all for encryption. If any of the laptops, in the business I work for, lack encryption, I’m going to throw a fit. But, for home use the situation is not the same. I’d argue that the risk of device theft leading to critical data compromise is pretty low and the risk of the user needing someone to perform offline data recovery for that user is much higher. And the number of users who will actually have the key saved in a location they can get to it, and provide to the data recovery tech, can probably be counted without taking off my shoes.
This is dumb. It’s yet another case of Microsoft picking a default for users which helps Microsoft but isn’t good for users.
Not even fucking Apple, the so called “privacy company”, enables FDE by default.
This is going to lose so many non-techie people’s data it’s not even funny. Now what used to be a 15 minute job to help mom/grandma after they forgot their password again to “recover” their photos is going to be impossible
They’re not going to write down the recovery key, they’re not even going to know what it is or the importance of it.
Assholes.
You can avoid device encryption by using
a local accountLinux.This isn’t news, this has already been the case since Windows 10 1803 back in 2018.