• Romkslrqusz@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    […] device encryption will be enabled by default when you first sign in or set up a device with a Microsoft account or work / school account.

    For devices with a TPM, this has literally been the case since Windows 10 1803 back in 2018.

    • bandwidthcrisis@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      But that’s not the case for Windows Home, is it? The FDE setting just takes me to a page to upgrade to Pro. My laptop does have TPM.

      • Romkslrqusz@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        It is, Secure boot and the TPM must both be enabled.

        If you check Msinfo32 / “System Information” with admin rights, there is a “device encryption” listing that maybhave additional information.

        There are rare instances where a device won’t support automatic encryption due to “Un-allowed DMA capable bus/device(s) detected” which requires a registry tweak to work around