Forced bitlocker encryption without keeping the keys in a separate area accessible to you, is just adding ransomware to your own device.
this post was submitted on 17 Jun 2025
129 points (97.8% liked)
Tech
1430 readers
11 users here now
A community for high quality news and discussion around technological advancements and changes
Things that fit:
- New tech releases
- Major tech changes
- Major milestones for tech
- Major tech news such as data breaches, discontinuation
Things that don't fit
- Minor app updates
- Government legislation
- Company news
- Opinion pieces
founded 1 year ago
MODERATORS
Am I missing something? Doesn't Microsoft provide keys associated with your accounts? I had to unlock mine once and I just had to access it on my account page.
Right well the fellow on Reddit got kicked out of their account by Microsoft.
And if you dont remember your Microsoft account because you originally had a local account on win10?
Go through the steps to recover that account through Microsoft, I would reckon.
You have to sign in to get converted to a Microsoft account. It doesn't magically give you a Microsoft account without your login info.
The title is wrong. Most, if not all new phones have forced encryption. Macs have forced encryption (I think can be disabled, but it's encrypted by default).
Windows shows how crap software can lose you data.
this Encryption should be under good design circumstances, transparent. I'd wager that almost all apple operating system users have little to no idea everything is locally encrypted.
This is why I have multiple backups. But I'm a nerd who likes computers and has money. Not everyone has the means or knowledge to do the same. Users are getting screwed more and more by corporations and the decisions they force on their customers. Capitalism is long past the part where we could pretend that it was good for regular people. We're in the finding-out phase from here on.
I am a nerd without money - I have 3 drives 2 that live offsite. 6gb humble spinny drives. Everything that's important to me gets copied to these drives- I'm not using any fancy software - its a cut and paste job from a few Linux laptops and a desktop. I still have all my original wav file and games backup from 1998 with this method ( though then they were on 10 zip discs ) It just takes a little due diligence to back up your data.
god zip drives were so cool
Until you got the click of death. - happened to me.. luckily even back then I had a copy. Get your friends to host a copy of your stuff offsite and offer to do the same for them. We even share a drive of music we send around every couple years. Everyone benefits.
I salute you for having offsite backups. That's the mark of someone doing it right.
I wonder how this is going to work in government offices....
they've been using forced bitlocker for years.
the keys are on the in house domain servers though.
Isn’t Microsoft pushing everyone to host their AD on Azure now?
yep, in several countries including where I live. Several government institutions and state-owned companies have been using M$ Azure since 2 years ago.
I mean even if not its a virtual machine but they should still have control and backup/disaster recovery. So they could mass download all keys and encrypt it and put it on some other storage. I mean things like that should be done but as a tech person who has worked with this kind of thing I never am really satisfied with any backup and disaster recovery I have come across. Scratch that. Cars.com did a pretty good job overall and I imagine some other large corps do but its amazing how many don't.
Microsoft's latest Ransomware dubbed Windows 11...
It's all right, people!
Just backup your data on another non encrypted device, or back it up on the Microsoft cloud where it's absolutely safe from prying eyes, pinky promise!
Seriously, if you're using Microsoft windows I will think less of you and you're getting exactly what you paid for.
I don't think I grasp this at all. They say the encryption is forced, so that means that I can't just access my files with Linux or whatever? But then at the end they say to use an extra hard drive as backup, so that can't be right. Is their problem that the cloud storage is encrypted? Wouldn't it be a huge, glaring issue if it wasn't? Regardless, I would expect to be locked out of my files on a cloud storage service I got locked out of, so I don't know what encryption has to do with it. I don't get it.
I had an offline windows account on my laptop.
I was freelancing for a company that gave me a Microsoft account.
I logged into teams, but was very careful not to assign my laptop to that account. I had to use teams, but I didn't want my client to manage my device.
Shortly after I installed Linux, which broke windows bitlocker, and I had to get my bitlocker key.
I hadn't set up bitlocker, I wasn't expecting it. As far as I was concerned, I had bricked my device.
On a hunch of "hmm, maybe", I checked my Microsoft account from the client, and it has a bitlocker key which unlocked my windows install.
At which point, I disabled bitlocker and now primary Linux.
But yeh, in my experience bitlocker is transparently applied during windows install and you never know your bitlocker key. If you never log in to a Microsoft account, you will never be able to recover it if you don't save it in advance. And if you don't know its happened, why would you know to save it in advance?!
The fact that I was able to recover my bitlocker key for my offline/local windows account because I had installed & logged-in to teams via a client provided Microsoft account is strange as fuck.
Linux supports BitLocker encrypted partitions. You just have to specify the BitLocker recovery-key in your fstab file or on the command-line. I've been dual-booting with disk encryption enabled on both Linux and Windows for several years, using that functionality