To be fair, if microsoft didnt automatically backup the keys, a simple BIOS/UEFI setting change, or windows update could trip the Secure Boot settings, which would clear all the TPM keys from the system, which means the sysyem would prompt you for the recovery key. I think people value being able retain access to their data over encryption. And to Microsoft’s credit, its not exactly a secret, they literally tell you that the key will be uploaded.
a simple BIOS/UEFI setting change, or windows update could trip the Secure Boot settings
they could work around that though, but I still agree that backing up the passphrase to an arguably safe online system is good
To be fair, if microsoft didnt automatically backup the keys, a simple BIOS/UEFI setting change, or windows update could trip the Secure Boot settings, which would clear all the TPM keys from the system, which means the sysyem would prompt you for the recovery key. I think people value being able retain access to their data over encryption. And to Microsoft’s credit, its not exactly a secret, they literally tell you that the key will be uploaded.