The non-cloud methods for recovering the key have been the same since Bitlocker was released 19 years ago.

https://support.microsoft.com/en-us/windows/find-your-bitloc...

I think there's been some miscommunication. If the bitlocker activation happens during tricking the user into going from a local account to online account, it is without the user's consent or real participation. They haven't printed out a copy of the key or moved it to a usb drive. They aren't aware their drives are being encrypted. They can't set up recovery keys now because the computer itself only shows the blue aka.ms screen. None of those 2/4 options are applicable.

There other 2 options are enterprise or online account (the very thing we're talking about) don't apply in this context.

▲

mynameisvlad 4 hours ago | parent [-]

You can set up recovery keys at any point in time, not just at creation. Just because people don't do it doesn't mean it isn't and hasn't been available for almost 2 decades.

	▲	Silhouette 3 hours ago \| parent [-]
		And presumably the instructions for this have been on display on our local planning department in Alpha Centauri? If a user isn't even aware that their local disk is being encrypted without their knowledge or consent then why would they think to set up recovery keys?