XPost: alt.comp.os.windows-10   
   From: winstonmvp@gmail.com   
      
   Maria Sophia wrote on 1/24/2026 1:45 PM:   
      
   >> Windows Home Device Encryption when enabled   
   >>   - first looks to store the key in the MSFT account that was initially   
   >> used to setup(first use) the device even if that MSFT account was   
   >> switched to a local logon. If not setup with a MSFT account or MSFT   
   >> account no longer present on device, the only options for the user to   
   >> obtain the key are - Save to USB, copy to paper, copy and save to text   
   >> file.   
   >>   - the key itself for validation purposes is stored on the device, but   
   >> not in readable or accessible form.   
   >   
   > Thanks for the clarification. I was researching this in a response for Paul   
   > just now in the bitlocker thread (where MS handed the keys to LE), where we   
   > need to pin down the distinction between Device Encryption on Home and full   
   > BitLocker on Pro with respect to where we "can" store the encryption keys.   
   >   
   > AFAIK...   
   > i. Windows Home does not include full BitLocker. It includes Device   
   >    Encryption, which is a limited version with almost no user control.   
      
   Previously covered in this thread like the other Roman numeral points.   
      
   >   
   > v. The recent reports about Microsoft providing recovery keys to law   
   >    enforcement involved keys stored in Microsoft accounts. That perhaps   
   >    most applies to default Device Encryption on Home, and maybe not   so   
   > much to BitLocker on Pro when configured with local-only protectors.   
      
   It applies to requests with a valid legal requests for Bitlocker keys(for   
   devices that support Bitlocker) stored in their Microsoft accounts(which   
   is the only location MSFT has access to Recovery keys, i.e. they can't   
   and don't mine Windows devices for Recovery key content in any form).   
   >   
   > In summary, I think that Windows Home users do not have the same kind of   
   > control over key storage that Windows Pro users have.   
      
   At least, you're getting closer to the entire picture(Bitlocker   
   Encryption is fully supported on Enterprise and Edu editions, too)   
      
   > That is why the default workflow on Home ends up with the   
   > recovery key in a Microsoft account in most cases.   
   It does not(for Windows Home)   
      
      
   --   
   ...w¡ñ§±¤ñ   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)