Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.

Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you’ve got an unactivated copy, local account, or don’t know your M$ account credentials, your boned.

Control Panel > System Security > Bitlocker Encryption.

BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.

  • dan@upvote.au
    3·
    8 days ago

    you immediately tie the permanent accessibility of your local files to you retaining access to a cloud account?

    The Microsoft account holds a backup of the recovery key, which you need to use to restore access in if you do something like significantly change the hardware or move the drive to a different system (which are effectively the same thing).

    You don’t need it for day-to-day use of the system, and you can also just get the recovery key and print it out or write it down somewhere.

    Say, Veracrypt is churning away in the background. Why would one leave Bitlocker activated?

    That’s a good point.

    • splendoruranium@infosec.pubEnglish
      1·
      7 days ago

      The Microsoft account holds a backup of the recovery key, which you need to use to restore access in if you do something like significantly change the hardware or move the drive to a different system (which are effectively the same thing).

      You don’t need it for day-to-day use of the system, and you can also just get the recovery key and print it out or write it down somewhere, which is usually how it’s handled on systems that don’t use a Microsoft account.

      Not as disastrous as I assumed then, thanks!