Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.
Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you’ve got an unactivated copy, local account, or don’t know your M$ account credentials, your boned.
Control Panel > System Security > Bitlocker Encryption.
BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.
That still happens without bitlocker. Computers are dropped. Facebook passwords are forgotten.
I acknowledge automatic encryption is going to make some more cases of lost data, but, with respect, I think the benefit of making fewer cases of stolen data is worth it. I agree with the other commenter that users should be made aware of it more clearly.
Also, as much as I hate the push to Microsoft accounts, I have to admit it helps mitigate this problem: if all ordinary users have an account looking after their master keys, then they can turn to that when they forget their login password etc. but the opportunistic thief on the train can’t (as easily). Not every grandma has a Millennial relative at hand to boot Linux to rescue files off her HDD. And for those who don’t like to trust their master keys to Microsoft/Apple/Google? There’s Linux. And external backups. And saving your password somewhere safe.