Comment by fpoling
1 day ago
With Bitlocker it is still possible to have single password-based key. But enabling that requires to enter a few commands on the command line.
1 day ago
With Bitlocker it is still possible to have single password-based key. But enabling that requires to enter a few commands on the command line.
It requires the Pro edition of Windows too.
And you can be sure it didn’t add a ‘recovery’ key, how?
Using the same CLI, which shows all the alternative "protectors".
Again, that is a lot of trust since it could trivially just… not show it. Which is already the default for most FDE systems for intermediate/system managed keys.