this post was submitted on 02 May 2025
341 points (87.1% liked)
I read the article but am not smarter than before. I heard some time ago that Windows does encrypt the drive but you need an active online account and the key will be saved online. So do people forget their online passwords and methods to recover that said account? I don't like m$ and am using Linux, but people losing their passwords, being uninformed about their systems and don't do backups is not the direct fault of the operating system.
Setting up encryption has previously been an affirmative step wherein the user opted into being unable to access their data if they lose their password. Because of this, users have the opportunity to back up their recovery key, you know, after they even learn what one is.
Having it happen on upgrade to an existing machine is inherently confusing and it's easy to see how it could lead to data loss.
It seems like they just got locked out of their Microsoft account (which stores the bitlocker key). Idk why they can't just reset their password or if this article talks about the times where people couldn't do that due to missing email access or maybe resetting the password deletes the bitlocker keys?
Either way though, the problem is that Microsoft is forcing encryption on everyone and not properly educating them on the consequences like "Backup your decryption key if you care about the data" in a way a normal user actually listens to.
Is there a legit reason for this? Why can't they just encrypt the data with the password used to access the online account?
Because then you can't change your password. Since you would have to decrypt all the hard drives that use windows with that account, and then encrypt them again with the new one.
This also means that if you forget your password you are fucked.
Typically an actual key is effectively just a very long pseudorandom binary blob and the passphrase is just used to unlock the actual key. This means you can add a new key just by encrypting the actual key with the new passphrase.
Typically that is also the way you can use multiple accounts to unlock the same hard drive encryption. You just encrypt the actual key with each of the account passwords.
Just did a fresh win 11 install, in order to update bios before installing Linux. Refused to let me install without wifi but a quick googling and a command prompt later it was possible to work around easily.
I helped my sister deal with this. Bitlocker activated itself, the keys were in her account which she had access to. She had done everything properly but nothing worked to resolve it.
There’s countless forum posts on it since about 2021 if you go looking for it. None of the recovery processes worked so I reformatted and enabled bitlocker at the start. Next time I visit, she’s getting Linux Mint.
Fuck Microsoft. End users shouldn’t be expected to troubleshoot like that.
Bitlocker can be turned on without having an account on device iirc.
Correct, can be turned on and it will provide you the key to be saved as a file if I recall.