Bitlocker as a it is currently implemented is for retards. For starters the default settings only requires a TPM, you don't need to set a password to encrypt your shit since Windows will use the TPM to store the key. Which sounds bad, but it gets worse since the TPM can just refuse to spit out the key if you just looked at it wrong so you need the 48 character recovery key which Normie McRetardson likely didn't save it somewhere safe(which is why microsoft made it default in Windows 10 to upload the key if you had a microsoft account linked).

But wait it gets worse Windows stores the key directly in the TPM, doesn't even try to encrypt the key with the user's password so anyone with an Raspberry Pi(https://www.youtube.com/watch?v=wTl4vEednkQ) can get the encryption key as long as the computer can boot to the login screen rendering the whole thing effectively pointless.

Bitlocker as a it is currently implemented is for retards. For starters the default settings only requires a TPM, you don't need to set a password to encrypt your shit since Windows will use the TPM to store the key. Which sounds bad, but it gets worse since the TPM can just refuse to spit out the key if you just looked at it wrong so you need the 48 character recovery key which Normie McRetardson likely didn't save it somewhere safe(which is why microsoft made it default in Windows 10 to upload the key if you had a microsoft account linked).

But wait it gets worse Windows stores the key directly in the TPM, doesn't even try to salt the key with the user's password so anyone with an Raspberry Pi(https://www.youtube.com/watch?v=wTl4vEednkQ) can get the encryption key as long as the computer can boot to the login screen rendering the whole thing effectively pointless.