Perfect, this will finally lock out all the old people of their devices because they forget their bitlocker password :D
I guess they'll use TPM. I'm so excited to tell half of my "clients" (all seniors in the village) that they are fucked because their Laptop died.
Yeah, this makes sense for corporate environments with keys backed up to a centralized location like Active Directory. Not for consumers with no reasonable way to keep some key like this in a safe place as a "break glass in case of emergency" option.
It backs up to the Microsoft Account
Still, some people create an @outlook.com email, set up no recovery options, forget the password, and find themselves locked out.
How do you get to your Microsoft account when your computer is locked?
If you're doing things properly, you'll know your Microsoft account password or have it in a password manager (and maybe have other account recovery options available like getting a password reset email etc.), and have a separate password for the PC you're locked out of, which would be the thing you'd forgotten. If someone isn't computer-literate, it's totally plausible that they'd forget both passwords, have no password manager, and not have set up a recovery email address, and they'd lose all their data if they couldn't get into their machine.
Even if you have your Microsoft account password, it doesn't help when you can't even boot into Windows.
Most people have smartphones these days where they would be able to log into their account and grab the recovery key if it's backed up. If they don't have a phone, they will know someone that does, or a library with a computer.
Bear in mind that non-techy users don't get the option to opt out of a Microsoft account in the OOBE now, so most should have their key backed up without thinking about it
Do they also know their password? Hopefully they didn't save it on the PC that is now locked (a lot of them probably did, if they saved it at all).
A Microsoft password is more recoverable than a lost bitlocker recovery key.
Also, it feels worth highlighting that every other OS targeted at general consumers encrypts user data by default. Microsoft is really just getting up to speed with where everyone else was like 5 years ago.
Many people will have access to a secondary device, not all of course.
Almost everyone has access to a phone. Most governments, including the US provide free or low cost smartphones to those who can't afford it. There are entire MVNO carriers based around this, like Assurance wireless.
A phone or another computer?
Microsoft fucked that up in the Home edition, where the key in your account won't work.
You don't need your hard drive if all your files have been secretly moved to OneDrive taps forehead.
All 5 GB of them. Wait ...
Oh, I can just imagine. Customers getting angry that their tech support cannot "just simply" recover their files like they used to and accuse them of scamming. Fucking thanks, Microsoft.
Keys are backed up to their MS account by default.
local accounts only
It’s hard for the average windows user to make a local account
Unless you don't have an MS account or only set up a dummy account just to get the stupid OS to activate and have never used once since.
Wel then, either get a Microsoft account that you remember the password to or don't use Windows since they are pushing hard for this type of security. Linux is completely free for people who don't like the way Windows is heading towards.
Then somebody can sell new devices to them and M$ can sell new windows with it.
Perfect, this will finally lock out all the old people of their devices because they forget their bitlocker password :D
I guess they'll use TPM. I'm so excited to tell half of my "clients" (all seniors in the village) that they are fucked because their Laptop died.
Yeah, this makes sense for corporate environments with keys backed up to a centralized location like Active Directory. Not for consumers with no reasonable way to keep some key like this in a safe place as a "break glass in case of emergency" option.
It backs up to the Microsoft Account
Still, some people create an @outlook.com email, set up no recovery options, forget the password, and find themselves locked out.
How do you get to your Microsoft account when your computer is locked?
If you're doing things properly, you'll know your Microsoft account password or have it in a password manager (and maybe have other account recovery options available like getting a password reset email etc.), and have a separate password for the PC you're locked out of, which would be the thing you'd forgotten. If someone isn't computer-literate, it's totally plausible that they'd forget both passwords, have no password manager, and not have set up a recovery email address, and they'd lose all their data if they couldn't get into their machine.
Even if you have your Microsoft account password, it doesn't help when you can't even boot into Windows.
Most people have smartphones these days where they would be able to log into their account and grab the recovery key if it's backed up. If they don't have a phone, they will know someone that does, or a library with a computer.
Bear in mind that non-techy users don't get the option to opt out of a Microsoft account in the OOBE now, so most should have their key backed up without thinking about it
Do they also know their password? Hopefully they didn't save it on the PC that is now locked (a lot of them probably did, if they saved it at all).
A Microsoft password is more recoverable than a lost bitlocker recovery key.
Also, it feels worth highlighting that every other OS targeted at general consumers encrypts user data by default. Microsoft is really just getting up to speed with where everyone else was like 5 years ago.
Many people will have access to a secondary device, not all of course.
Almost everyone has access to a phone. Most governments, including the US provide free or low cost smartphones to those who can't afford it. There are entire MVNO carriers based around this, like Assurance wireless.
A phone or another computer?
Microsoft fucked that up in the Home edition, where the key in your account won't work.
Timestamp 8:48 in this video
https://youtu.be/pIRNpDvGF4w
You don't need your hard drive if all your files have been secretly moved to OneDrive taps forehead.
All 5 GB of them. Wait ...
Oh, I can just imagine. Customers getting angry that their tech support cannot "just simply" recover their files like they used to and accuse them of scamming. Fucking thanks, Microsoft.
Keys are backed up to their MS account by default.
local accounts only
It’s hard for the average windows user to make a local account
Unless you don't have an MS account or only set up a dummy account just to get the stupid OS to activate and have never used once since.
Wel then, either get a Microsoft account that you remember the password to or don't use Windows since they are pushing hard for this type of security. Linux is completely free for people who don't like the way Windows is heading towards.
Then somebody can sell new devices to them and M$ can sell new windows with it.
Win-win-win-win....