How would a user that never set it up in the first place have a recovery key? I honestly am asking and don't know.

I recently (last week) had to drive over to a parent's house and "fix" their (pre-online accounts) win 11 computer used for sewing because it had become a blue screen saying aka.ms was required. They did not know how it happened and are not very technical users so I imagine they were tricked by some click-through dialog. It is not something they would ever do intentionally. All that computer ever does is run sewing pattern/control software.

▲

mynameisvlad 4 hours ago | parent [-]

The non-cloud methods for recovering the key have been the same since Bitlocker was released 19 years ago.

https://support.microsoft.com/en-us/windows/find-your-bitloc...

▲

superkuh 4 hours ago | parent [-]

I think there's been some miscommunication. If the bitlocker activation happens during tricking the user into going from a local account to online account, it is without the user's consent or real participation. They haven't printed out a copy of the key or moved it to a usb drive. They aren't aware their drives are being encrypted. They can't set up recovery keys now because the computer itself only shows the blue aka.ms screen. None of those 2/4 options are applicable.

There other 2 options are enterprise or online account (the very thing we're talking about) don't apply in this context.

▲

mynameisvlad 4 hours ago | parent [-]

You can set up recovery keys at any point in time, not just at creation. Just because people don't do it doesn't mean it isn't and hasn't been available for almost 2 decades.

	▲	Silhouette 3 hours ago \| parent [-]
		And presumably the instructions for this have been on display on our local planning department in Alpha Centauri? If a user isn't even aware that their local disk is being encrypted without their knowledge or consent then why would they think to set up recovery keys?