Cloud risk with BitLocker: Microsoft occasionally hands over BitLocker keys to the FBI – NotebookCheck.net News
While Apple and Google stress that they cannot unlock customer devices, the situation is different with Windows encryption: Microsoft routinely hands over BitLocker keys from the cloud to law enforcement agencies.
Marc Herter (translated by Jacob Fisher)
Apple and Google regularly highlight that they are technically unable to unlock their customers’ encrypted smartphones or tablets, even if requested to do so by authorities. The situation is more nuanced with Microsoft and its Windows encryption feature, BitLocker. If the user stores the recovery key in the cloud, the company can provide it to law enforcement.
BitLocker is the drive encryption feature integrated into Windows that protects data on hard drives from unauthorized access, such as in the event of device theft. To regain access to the system in an emergency, a recovery key is generated during setup. Windows offers various backup methods for this: the code can be printed, saved to a USB drive, or stored directly in the Microsoft account in the cloud.
If you choose to store the recovery key in your Microsoft account, it is saved on the Redmond-based company’s servers. As Microsoft has confirmed to Forbes, these BitLocker keys are released when a valid court order is presented. The FBI makes about 20 such requests annually. This implies that Microsoft has access to the key data, although it remains unclear whether this data is stored on the servers in plain text or encrypted.
However, cloud storage doesn’t necessarily mean that the provider has read access to the data. Technically, the recovery keys could be stored on the servers in such a way that they are encrypted, for example, with a separate password or hash belonging to the user. In this scenario, Microsoft could host the data but would have no way of viewing it in plaintext or sharing it with authorities. Since the company can release the keys upon a court order, such a safeguard clearly does not apply here. This also raises questions about the overall security of recovery keys stored in the cloud.
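The alternative described above, sketched as an added example (not code from the article or from Microsoft): the recovery key is wrapped on the user's device with a key derived from a passphrase, so the host only ever stores an opaque blob. The function names, the PBKDF2 cost and the sample key are assumptions, and the HMAC-based keystream is a standard-library stand-in for an AEAD cipher such as AES-GCM.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: cost chosen for this example

def _keys(passphrase: str, salt: bytes) -> tuple[bytes, bytes]:
    """Derive separate encryption and MAC keys from the user's passphrase."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                              PBKDF2_ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (stdlib stand-in for AES-GCM)."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def wrap_recovery_key(recovery_key: str, passphrase: str) -> dict:
    """Runs on the user's device; the returned blob is all the host stores."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _keys(passphrase, salt)
    pt = recovery_key.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ciphertext": ct, "tag": tag}

def unwrap_recovery_key(blob: dict, passphrase: str) -> str:
    """Runs on the user's device; fails closed on a wrong passphrase or edit."""
    enc_key, mac_key = _keys(passphrase, blob["salt"])
    signed = blob["salt"] + blob["nonce"] + blob["ciphertext"]
    expected = hmac.new(mac_key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong passphrase or tampered blob")
    ks = _keystream(enc_key, blob["nonce"], len(blob["ciphertext"]))
    return bytes(a ^ b for a, b in zip(blob["ciphertext"], ks)).decode()

# Constructed sample in the 48-digit recovery-key layout, not a real key.
SAMPLE_KEY = "111111-222222-333333-444444-555555-666666-777777-888888"

if __name__ == "__main__":
    stored = wrap_recovery_key(SAMPLE_KEY, "correct horse battery staple")
    print("host stores:", {k: v.hex() for k, v in stored.items()})
    print("user recovers:",
          unwrap_recovery_key(stored, "correct horse battery staple"))
```

With this design a court order served on the host yields only the salt, nonce, ciphertext and tag; the trade-off is that a forgotten passphrase makes the escrowed key unrecoverable.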
Microsoft spokesman Charles Chamberlayne noted that while cloud recovery offers convenience, it also carries the risk of unauthorized access. Users must therefore weigh whether that convenience is worth the risk or whether to keep the key stored locally.
Marc Herter, 2026-01-24 (Update: 2026-01-24)
