Feels like a “render unto Caesar” non problem
It seems to be a behaviour particular to portable devices. I’d argue encryption by default is a good thing on a device that’s more likely to be stolen (and the identity theft implications that brings) but clearly it needs to be better communicated to the end user.
I reinstalled windows 11 recently and had to manually re-encrypt the boot drive, which also prompted me to save a copy of the key. I had the option of backing up to my MS account, saving a txt file (which it refuses to let you place on any encrypted drive, even if it’s a different one to the one you’re encrypting at the time), or print it (which can be to a PDF you can save anywhere).
It’s possible to access the backup options at any time after that as well.
I usually take the last option, save the pdf to the same drive then copy paste the key into my password manager then delete the file.
You don’t have to give Microsoft the key (unless you want the “backup” option) but the OS has to have the key locally while it’s running in order to be able to read the data on the drive (and also write new data).
In typical usage The TPM holds the key, but it’s the OS that generated the key and encrypted the drive in the first place. I don’t know the technical details but the TPM recognises the OS install that programmed it and will only automatically unlock and provide the key for that. If you change it by swapping the drive or booting to a different device it remains locked and any alternative OS requires the key to be entered manually.
Well if you have the key, you’re not locked out.
Yes, you have to opt in.
I use a Microsoft account for my user profile, and recently reinstalled windows. I didn’t choose the account backup and so despite signing back into the same account, the encrypted partitions on my non-boot drives could only be unlocked by pasting the key in directly, there wasn’t an option to restore it.
HP Smart does suck, although the cheap HP printer/scanner we picked up in 2020 for home schooling has been pretty reliable. A couple of the colour nozzles clogged after an extend period without use, but it’s on the £1 a month cartridge rental so I just kept re-running the cleaning cycle until it worked again.
I put that out but the stupid chicken choked while I was looking for a YouTube video 4:42 long