[jchw]

I skimmed back the article after reading this comment, and I'm still not really sure how this follows. Of course you should always make redundant backups with parameters suitable for however much assurances you want to have that you will not lose data. However, I dunno if there's any particular evidence to suggest that data loss is the main concern here. I mean, I have a backup strategy for most of my data, but I'd choose to spend at least some time trying to avoid the need to restore a backup first. Plus, I don't think there's good evidence to suggest that data theft is not a huge concern for people. Inside this article is a link back to a previous article about a NAS vulnerability that allows anyone to change the password of the NAS and enable SSH without authentication. I dunno if it's the same vulnerability I remember from some years ago, but there was a pretty real situation where many WD MyCloud users had their data stolen and NASes wiped. (I actually had a thankfully-mostly-decommissioned MyCloud at the time and it did in fact get pwned.)

Backup strategies and good security posture is a "why not both" type of situation. It's harder than it should be, but sometimes that's the cost of doing business.

[sedatk]

Yeah my comment's tangential to the article. The problem there is that there is an FDE password in the process of securing your data that you can't backup reliably (Filippo misspelled the password). This would have caused the loss of an entire RAID drive for anyone, not for Filippo in this case obviously. Such a basic UX problem causes catastrophes.

Microsoft avoids that by backing up your key (not password) to a USB drive or even cloud first. There's no typo issue. There's no forgotten password issue.

[vladvasiliu]

> Microsoft avoids that by backing up your key (not password) to a USB drive or even cloud first. There's no typo issue. There's no forgotten password issue.

The issue is that now the forgotten password moves to the cloud, especially since Bitlocker is activated automatically, without notifying the user, when an MS account is used. So regular Joe probably has no idea his drive is encrypted.

And since MS also push for authenticating to the account by using the TPM combined with a fingerprint / webcam / PIN, if you can't use your laptop (which is likely the case if you can't remember the unlock password – which you've probably never knwon was even a thing to begin with) you're pretty much SoL if you can't remember the cloud password – which you haven't used in months, possibly.

I think the old, manual way of activating BitLocker was best, where they tried to coax you into backing up that key someplace.

[Godel_unicode]

> manual way of activating BitLocker

That method lead to tons of people not using it. It also lead to tons of drive lockouts due to people not knowing the password and not backing up the key. Good security is transparent to the user, making the user do things makes them insecure.

There are a ton of authentication options for a Microsoft account that aren’t passwords (they are the “passwordless” people after all). You can set up as many as you want (and will be nagged about it until you do!). Install Authenticator, configure whatever your phone offers for biometrics to unlock it, and get on with your day.