If you understand it so well, perhaps you could explain something for me.
I have recently seen three clean installs of Pro. One an OEM pre-installed Windows 10 Pro, as supplied by Dell from the factory. The second a clean install of Windows 11 Pro on the same machine. The third a factory reset on a different Dell using its Dell-supplied Windows 10 Pro recovery DVD. In each case the install only had a local account, so there was no Microsoft account involved at all.
In each case
manage-bde -status showed 'Conversion status: used space only encrypted', 'Percentage encrypted: 100%' and 'Lock status: Unlocked'. So, my question is the same as
@Dru2 asked: Where is my key? And why at no point in the clean install was I asked to save it, of even informed that Bitlocker was being used by default?
Windows 11 encrypted my drive automatically - post #69
BTW: as I have no need or wish to be using Bitlocker I have since decrypted all the drives concerned using
manage-bde -off
MS does make mistakes in this regard, perhaps the best indicator is missing pieces of documentation, on the following webpage for example. One tab of the webpage for W10 is populated, the other tab for W11 is empty.
Populated tab for W10
Learn about BitLocker Device Encryption in Windows and how to enable it.
support.microsoft.com
Empty tab for W11
Learn about BitLocker Device Encryption in Windows and how to enable it.
support.microsoft.com
MS appears to do irregular things these days so as not to do any damage.
I am not a BitLocker expert, BTW, but I have very carefully read up and discussed BitLocker (not on this forum, on a couple of other security forums) for about 6 months before turning it on on a W8.1 test machine. Turns out it was easier done than studied, in this case. I expected to do another 6 months of trials, but after another month, I turned it on on my main work computer (also W8.1 at the time) There is a LOT of misinformation by 'experts' on the net, and that can be very dangerous.
BitLocker is like a very dangerous pet tiger. If something goes wrong with BitLocker, it can be like getting hit by ransomware. So, I made precautions to not get eaten. When I upgraded to W10, I upgraded my test machine first to see if I can live with the little changes and not make habitual type of errors with BitLocker. Only after about a year of adaptation time with my test machine, did I upgrade my main work computer to W10. Moreover, I practice other safety precautions, like having 2 archives in addition to my backup. Only 1 of the 2 archives is connected to the live system at any one point in time, which is the same precaution against ransomware.
The socalled BitLocker that MS allegedly automatically activates is NOT standard BitLocker encryption. It is an emasculated version, dubbed 'device encryption'. Still, it is BitLocker technology and potentially disastrous if it malfunctions (Murphy's law) and MS is no doubt trying to prevent disasters. Maybe hiding the key and doing auto-recovery behind the scenes is one of those disaster prevention things that MS tacitly does. Maybe not rolling out open automatic activation all at once and only tacitly trying out parts of the population is what happening. Maybe only populating part of the documentation when it can be safely done, and leaving other parts of the documentation empty ...
Edit: I do buy into the value propositions of BitLocker that you can read about on pertinent MS webpages. It is even obvious that I love BitLocker, LOL. That does not mean that you have to buy into those value propositions, to each his own.
