by vladvasiliu 1314 days ago
> Microsoft avoids that by backing up your key (not password) to a USB drive or even cloud first. There's no typo issue. There's no forgotten password issue.

The issue is that now the forgotten password moves to the cloud, especially since BitLocker is activated automatically, without notifying the user, when an MS account is used. So regular Joe probably has no idea his drive is encrypted.

And since MS also push for authenticating to the account by using the TPM combined with a fingerprint / webcam / PIN, if you can't use your laptop (which is likely the case if you can't remember the unlock password – which you've probably never known was even a thing to begin with) you're pretty much SoL if you can't remember the cloud password – which you haven't used in months, possibly.

I think the old, manual way of activating BitLocker was best, where they tried to coax you into backing up that key someplace.

1 comments

> manual way of activating BitLocker

That method led to tons of people not using it. It also led to tons of drive lockouts due to people not knowing the password and not backing up the key. Good security is transparent to the user; making the user do things makes them insecure.

There are a ton of authentication options for a Microsoft account that aren’t passwords (they are the “passwordless” people after all). You can set up as many as you want (and will be nagged about it until you do!). Install Authenticator, configure whatever your phone offers for biometrics to unlock it, and get on with your day.