new machine, w11home.
i have used computers 40+ years, from dos; pro versions, bitlocker; veracrypt, truecrypt, etc.
i am confused with w11home, and security. if there is a guru out there, i will detail the questions for this.
short summary
w11home, it is bitlocker in the machine encrypting it – gpedit.msc shows bitlocker policies, and manage-bde – status shows it as bitlocker. CAN the PRE-BOOT PIN for bitlocker be turned ON, through manage-bde, so the BITLOCKER pin request comes up before the username/password?
#2
w11home, when i turn it on, it comes up to username/password. IS the drive at that point UNENCRYPTED? IF SO, HOW is my computer protected from hackers? is it just by the
windows-limited-login-attempts (10 wrong attempts, locks up for 10 minutes), and the 2-second delay between attempts? and WHAT is the difference whether a PIN or PASSWORD is used for hte username authentication?
#3
if the drive is yanked out of the system, can that drive still be inserted as an external drive, into anoter machine, and use the bitlocker RECOVERY KEY (the 36 char one) to unlock that drive
I am debating upgrading to w11pro, JUST to get the bitlocker pre-boot PIN option, but first want to see HOW and IF these new security measures of w11home negate the need for the upgrade
thanks