I agree 100%. I miss the days when Windows was just an operating system, not an advertising machine, that collects all your data using useless features as an excuse.
Like Google Crash Handler. I hate that executable and immediately delete it from my computer upon discovering it running. It's an erroneous title. It doesn't manage crashes. While it's running, it slows down your computer and sends "telemetry data" to Google. What I'm doing on my computer is my business, and I don't want something running on it that Google snuck onto it via a browser update.
I agree, I miss the days when your windows computer was really "your own machine". Little by little everything seems to be moving to away from a standalone computing environment to a cloud based subscription model which feels very intrusive. Thanks for the great videos
For me, it's Windows 98 and Netscape Navigator, a much simpler life. It all showed so much promise. When I retire I'm going to just sit there and type games into a ZX Spectrum just to be away from T&Cs and this "Second life"/"1984" hell I find myself in.
Likewise. And I only back up to local portable drive, with my own backup software - not the Microsoft products. Once a week, I put that drive into a safety deposit box at my bank, swapping between five drives.
As an IT professional with over 30 years of experience, I haven't heard such nonsense in quite some time. I'd quite like to address this video point by point but a) it's 1:30am and b) I have a funeral to deal with tomorrow. So maybe later.
Great video as always! And you don’t even need to sign in with a Microsoft account at all during initial setup. If you type ‘a’ into the username and password fields, it will tell you something went wrong and just let you make a local account. As someone who works in IT and sets up new computers all the time, this is a huge lifesaver.
Thanks for this tip. I was infuriated when I was installing a new computer for my parents. I knew some workarounds with Win 10 (and pro version), but this of course had a win 11 home. I don't even remember how ended up installing it in the end (probably with my throwaway ms account and removing it after I got the local admin setup). I'm wondering if the EU is having a look at this as it's basically forcing you to use ms account (unless you're quite advanced in it). And that Bitlocker being activated silently.... yeah, I've had my share of those problems at work. And those were win 10 pro machines that weren't installed with ms account at all, but rather in local domain. I don't remember WHY that happened, but I wasn't amused trying to figure that out. After that I usually remembered to deactivate bitlocker after initial installation 😂
@Garbox80 the difference is, YOU know about BitLocker. Unfortunately, the non-techie masses don't. And if this happens once to some unsuspecting novice, that's one time too many...
There is one advantage you didn't list... and that's having the Windows license being bound to that user account rather than the motherboard of the system. So, if you have to replace the motherboard, or you build a new computer, you don't have to worry about activating Windows. However, that's really mostly relevant to the DIY space. It's also a double edged sword, because if your account is hacked... you might never be able to get back in, and that activation would be useless and you have to get a new key. Regardless... I always use a local account as my login to the machine, for all the reasons you listed. People need to keep in mind that Microsoft doesn't care about selling Windows anymore. They're more about selling services and your data. Windows is no longer the product... you are.
Excellent points, but I was pretty sure that the activation stopped with "significant" hardware changes. Not supposed what Microsoft considers "significant", though..so there's that 👍
@@AskYourComputerGuy I have several test benches here that I've swapped the CPU, GPU and RAM countless times, often the CPU and GPU at the same time, and never had one deactivate. The only change that I'm aware of that will require reactivation is changing the motherboard.
@@jovetj one of the reasons I'm switching on my laptop. But I'm not amused with battery life. Plus I have dual graphics which is another level of problems.
Computer guy of 30 years here. Watched your video with interest. It reinforced and crystallised my own feelings about local accounts versus MS accounts. The information about Bitlocker also useful and interesting. Thanks
Agree 100%. One of my clients used the PIN to enter her laptop and forgot the Microsoft account's password, because she never used it. One day, the PIN didn't work, because of an error that I found out was due to corruption in the security structures of Windows, probably due to an upgrade or something. She lost everything, because the disk was also BitLocker encrypted. And the backup in the cloud? Without the account's password, that is useless. The password was impossible to reset.
@@Sr.DeathKnight THAT is scary! I'm a total novice with this stuff - I also have my Xbox account & had to backup all my game captures to onedrive thru my XBaccount. I agree with this and didn't know we could even bypass the PIN thing when I first got it.
Imagine being a store owner and then being told that you need a PIN from another company far, far away to be able to activate the door to your store when just using a physical key should be enough safety for you.
As an IT professional for 26 years, and a PC geek since 1978, I avoid any external authentication related dependencies I can when configuring a workstation, (especially authentication!!!!), and for a company that we already know exploits there users as a "product". So, I also agree with you. That said, I use a completely different login for packages such as Microsoft Office (I don't use office365 at home), a different login for skype, etc... on new installtions I disable onedrive, and avoid other "cloud" logins where ever possible.
I never log into my Microsoft account and have my Windows 10 lockedl down as far as possible. I have never used The Cloud and warn all my friend against using it. I also don't use Outlook but use Thunderbird. The idea to to use as little of Microsoft's products as possible. I don't use Skype. For backups I use a 5x4tb WD Red Hard Drive system (USB 3) which I only connect when I want to access the files there or perform backups. I also have a 1tb NVME hard drive off site held be a friend who I never phone or send an email. That keeps big brother out of the picture.
Totally agree with you. It's MY computer, MY data and I am not going to add another dependency (that as you mentioned, can be hacked) between me and MY computer. In fact, I circumvent using the Microsoft account when installing/setting up the OS. It's bad enough that we've given up so much control over our computer in the HOME editions (which are verging on spyware).
I moved to Linux after Microsoft "accidentally" forced Windows 10 upgrades on a ton of users, myself included. Telemetry that can't be entirely disabled? No thanks. And the last 5 years have been amazing for gaming on linux, thanks to Valve's Proton framework. Honestly, I have no reason at all to return to Windows and I'm relieved for that. As you said, it's MY computer, MY data, and I prefer using an operating system that respects that entirely.
As long as you run windows, your computer is not your computer. It's Microsoft's computer, you're just allowed to use it. Local account, Microsoft account, as long as you're connected to the internet it doesn't matter. Switch to Linux.
I was a computer tech, and the amount of people both home and corporate users who had no idea they had bitlocker installed was astounding. If I had to replace a system board on a machine that could not post, and when presented with the the Bitlocker recovery key would think its my fault and responsibility to fix.
@@AskYourComputerGuy Backup, backup, backup can't be stressed enough. And the average user typically doesn't understand the value of rotating backups until it's too late.
@@AskYourComputerGuy That is why I ALWAYS pushed my clients to setup a NAS and companies to have a portable that would be kept off premises. It is insane how they would fight over cost an inconvenience. Then they have a catastrophic loss. I ALWAYS said we can restore from your latest backup! Some had it other didn't. I've never been a fan of "cloud" storage "because it's easy" easy for hackers too!
@@cruisepix My mantra is, there is no Cloud, it's simply another computer somewhere, and that means another weak link in the chain that a hacker can exploit. The number of data breaches testifies to that. An off-site backup is the safest route to take.
The first thing I do when I want to install Windows 10 is to unplug the Internet cable or turn off Wi-Fi. This allows you to bypass the Microsoft login requirement and have peace of mind. Great video. I absolutely agree with you! Greetings from Germany!
you can also just chose this option while installing. At least this was last times i installed windows 10, lately i only install 11 and there it is also an option, while being connected to the internet.
@@ArgelTal_ i've seen that option be funny. another youtuber had a video about this subject and showed it missing and how to get it back. @CreatureOFTheVoid mentioned it being hidden during install in another comment on this video a month ago. but just put "a" for both user and password and it will redirect to a private account. there's other ones that work, too, like "admin".
@@TheJacklikesvideos Funfact, i have to correct myself i guess. I think the Option is only availiable at the Pro versions since i installed my first windows 11 home yesterday after a long time. And this option was not availiable!
Wanted to make some changes to my microsoft account for ages and didnt even quite realize that i login with my ms account, this has pushed me to finally do it, thanks
As an IT professional from 1981! - and as many other folk have said here - I totally agree 100% with your advice. It is appalling how MS treats it’s customers, (or it’s competitors - Netscape et al.) And MS’s policy of more or less forcing / tricking Win 11 users of certain editions to always use an MS account is even more of a concern. They really are as bad as ever were. And did I suffer a retro 1970’s acid trip? BUT - didn’t MS say ‘Windows 10 was the last operating system you will ever need to buy’? Thanks for your great content.
@@AskYourComputerGuy And I appreciate you reading my comment and replying sir! (I think you’ve had over 4,300 and well deserved too.) Greetings from the UK.
LoL, in 1983 I was in Junior high School taking Courses like FORTRAN and COBOL, there were no ral PC's at that time! okay I had a Comodore vic 20, Timex sinclair 1000 and stuff but PC's were not the common thing, so what Fortune 500 company did you work for? I joined the military in 85 and stuck with Electronics and IT.
I have used a Microsoft account for many years and I have come to the same conclusion as you ..... I don't need or want a MS account anymore so starting tomorrow I will be switching all my PC's (4 desktops) over to a local account ..... keep the vids rolling you have some very good info about computers.
@John3_16_ Stay tuned! Working on a new video called "Windows expert tries Linux for the first time". Thought it would be am educational video to show Windows users exactly how difficult a time they will have switching when ALL they know (like me), is Windows. Should be an interesting evaluation from a newb standpoint! 👍
The thing about the "having things backed up to Microsoft's accounts means a subpoena could let a three letter agency see all your data" thing is that the same applies to pretty much any other online backup software. The only way to get around that is to back things up using an external harddrive, which can be rather tedious...
@tjmasters7532 correct, but why give them any more "free data" to potentially use via Microsoft? Seems logical that if they have a reason to come after you, they'll find a way...but no sense in doing the work for them 😂🤷♂️
I can't foresee me doing something that would make the government interested in my PC. I'm more concerned with spyware, malware, and things that could compromise my computer and cause my personal financial information to be compromised. That's a threat regardless of how you login your computer. I also think one of the most important things a person can do is frequent backups of their data. Even if you do cloud backups of some things (Which is insanely slow for people in area that don't have super high speed internet connections.) You should backup your entire computer (image, files, however you decide to) that is stored on local offline storage. If the client that had to have their entire drive formatted had a local backup, they could have made a full recovery, minus only the most recent data.
Thank you. I just switched to local account after your video. I was pissed off when I been forced to use Microsoft account during installation. And I just forgot about for almost 2 years. Thanks again for the remind.
I'm quite new to the profession, I have only been doing it for a couple of years after getting my degree. I have yet to meet an experienced IT Professional who has 1 good thing to say about using a Microsoft Account as your Windows user account.
@@AskYourComputerGuy I notice a lot of people aren't even aware it's an option to use a local account, it's in the way Microsoft almost forces you to use a Microsoft account when first installing the OS. But I mean, what else is new ;)
Wow!! Thank you SO much for this eye-opening video! I'm a long time Windows user and I honestly never gave it a second thought logging in with my microsoft account versus a local account. That's going to change. I'm also going to share this with the many other users I know in hopes they will change their ways as well. Appreciate this!
I agree. The thing about the webless password reset is that it only works if you still have the same phone number. Just dealt with that with a customer. They forgot their PIN and also changed phone numbers. So the only way to get around that is to trigger a recovery and wait 30 days for the reset. That's not an exaggeration. In the future I will be making sure I setup clients to login locally.
For those that do decide to use an MS account for their login, or have their non-primary account setup to use MS authentication, I STRONGLY advise you setup Windows Hello authentication for the account using a Microsoft login (you can use a PIN if you don't have a biometric scanner on your computer and can even allow a PIN to be longer than 4 digits and include non-numeric characters making it a local-only password in effect). If you forget your MS account password, or get locked out of it due to having a compromised MS account, your PIN/biometrics will still work to unlock your device since the PIN/Windows Hello sign-in is specific to that one device, not synced to the cloud. Having a device that you can access that has/had been tied to your MS account may also improve your ability to recover your MS account. (Makes things a lot more similar to how an Apple/Google account works on mobile devices). I think that MS accounts will let you use email addresses that were removed for 2 weeks to a few months in the event of a breached account as well as part of the recovery process if you have some other way to prove you are the account owner (say with a linked device that was linked before having your account compromised).
Setting up various recovery methods is something to do on all "freemail" type of accounts, Yahoo, Google, Microsoft, Facebook. Too often people entirely lose access to their years of data in that free account. And the big companies generally don't have phone support or any way to reach out.
Yep, and don't save passwords in your browser or cloud based repositories. Lastpass were my password manager, then they got hacked. So now it's locally stored in KeePass with backups on multiple devices instead, changing passwords every x months.
since when is a 4 pin better than a password? I guess its more memorable, but since people don't like using complexity anyway these days no matter what, why should it matter?
One does not have to be a geek to have a visceral nauseous response to the idea that a corporate entity can not only be sniffing your data but also lock you out from your own "personal" computer. Having your data sniffed is bad enough, all depends on your tolerance for having your privates sniffed, but the idea you can be locked from access to your own property is beyond the pale. If you have a need for that sort of humiliation and degradation there is always marriage and access to a spouse that will be happy to lock you out of your own property.
Windows is going to become a cloud service, similar to how you can play Xbox games in the cloud. I believe a good amount of people will move to Linux as some already have. Microsoft keeps updating Windows and breaking it, imagine it as a cloud service.
@@xlr555usa They're luring us all into the cloud and other traps and once enough of us are there with no exit option they'll threaten to drop you without a parachute to keep you in line every time you try and push back against the extortion. Even if you're a Windows groupie & not particularly impressed with Linux it is absolutely critical that we keep alternatives alive be it cash, banking, computing whatever. A world where (for example) the Canadian Truckers can be shut down by the banks or a company like Amazon's AWS can "fire" a customer like Parlor is a very dangerous world indeed
But your still wasting your time bub 😂 NSA has access to every packet being sent no matter what you do , you think you matter? When worlds most wanted hackers get letters from the NSA saying they know who they are 😂 they don’t even have to arrest them to show em who’s boss. The idea of privacy is pathetic it’s 2023 no mater what you do you won’t have privacy… go google Pegasus I believe v2 came out 😂 privacy haha 😂
Linux doesn't care 😉 Call your user "Count Dickface the Third" for all the devs care 😂 In a world where corpo software creeps on you by default, using FOSS *must* become the default.
To prevent forcing to create a Microsoft account during initial windows setup, make sure to disconnect the internet from the computer during the welcome wizard. that way Windows setup would offer you to skip that step and create a local account directly without ever needing to create a Microsoft account/user on the computer.
That works if you have a LAN connection, but if you use wifi and don't disable it PRIOR to setup, you're going to be stuck creating a microsoft account. You can still create a local account afterwards, but it's still a pain.
@@AskYourComputerGuy worth the shot. I don't have a computer with WiFi only , so i can't test it out. maybe if you got time some day you can test it and let us know...
Actually today is wfiey's birthday today so I'm taking some time for her. And I don't have any systems ready to be setup at the moment. Might just have to dig on Google for this one 👍
As an IT professional - with about 25 years of experience - of MICROSOFT (+ 10 of various breeds of Unix ), I agree with you 100%.😃 IMHO Microsoft is a good servant , but a rather suspect master. (Look who founded it!) Just found your channel - looks really useful! Thanks!
Absolutely agree. I've always used a local account, but they're deliberately hiding and making it harder and harder to do. So glad I finally switched to Linux a year back after a Windows automatic update self destructed... never wanted to deal with the learning curve of a new OS, but it's worth it not to deal with Micro$oft's snooping and nonsense again!
Stay tuned. Currently working on a video called "Windows expert tries Linux for the first time". I want to show everyday Windows users with SOME experience just how simple or difficult it would be to switch to Linux - what works, what doesn't, etc. Naturally a VERY involved video idea, but it's in the works! 👍
I've been using Windows since 3.1 and the latest developments are very concerning. It's now well over the line for what I consider acceptable. Linux works fine for my needs.
Learning curve is the real issue. Everyone is too lazy to learn it, let alone implement it. There's a reason why local accounts are getting harder to do. I believe that simplicity is more a factor than it is a conscience effort of collecting data or having access to data. Most people are careless of their data than they like to admit.
@@AskYourComputerGuy I find it funny that Linux always comes up when it comes to Microsoft. Asking a Windows user to work with a Linux distro is just as ridiculous as a Mac user using a windows PC. Ironic considering that Mac Os is based on FreeBSD.
One huge negative of logging in with a MS account is if you use a password manager to generate huge random passwords like I do, it’s basically impossible to type your password in without the aid of your password manager anyway.
@@praetorxyn agreed. Did you ever try the new one (terminally in beta/early access sadly) before epic shut it down (because they seem to have abandoned anything good at this point)? I played it a little. It was actually quite reminiscent to UT99/UT2004. There is a player base keeping it alive with maps/servers if you look into it. Only takes a little finagling to get online with it.
@@Gramini I never got to play UT2004 with friends anyway, as we only had dial-up and I didn't have friends to play LAN with at school anymore by then. But I've probably logged hundreds of hours with the bots and had a blast.
This was useful to learn as someone going into the IT field. If I didn't need my machine to be able to run videogames, I would likely install Ubuntu Linux instead of MS Windows. Hopefully Linux becomes more broadly compatible with games in the future.
You could always dual boot. That's what I do. Using Mint as my daily driver and work machine, with a separate partition dedicated to Windows just for games that I could afford to lose.
As I mentioned in another comment, the Proton framework that Valve maintains has made gaming on linux a thing now and it's constantly getting better. From Cyberpunk to Baldur's Gate 3, I've been playing games on linux now for years and it's been great. Some of them run better on linux, too. Anytime I run into an issue getting something to run, I can typically find the Steam settings on protondb and I'm set.
@@squ34ky If you have a Radeon card you could also set-up a KVM if you want to not be limited by the partition that you made. Also makes it easier to boot up if you ever quickly want to boot a game that doesn't run well with proton or wine.
This is a really good review and I agree with all of the points made. Also, for archiving and backing up your work, good quality plug-in USB hard drives are an alternative. You just have it sitting on your desk and plug it in to your laptop when you need it. In fact, nothing gives me more personal satisfaction than purchasing a USB hard drive from Toshiba/ Western Digital or Seagate. I feel like I am buying myself a Christmas present.
Yes, I love my local backups. But how do I stop Windows from pestering me to setup OneDrive? I don’t want my data on your cloud storage, so GO AWAY, M$.
Ever since i knew ransomware and ever since i knew how SSDs aren't necessarily longer lasting than HDDs i put good care on not putting important files in internal drives. Not even android which could get lost or shorted.
I've said it before, you are THE BEST PC Tech I've ever listened too. I work for 19 Major Companies as their full time Systems Administrator & You really know this Tech World!
I appreciate you spreading the word. FWIW, I am fairly sure that if a 3 letter federal agency asks Microsoft for confidential information from someone's computer, their account, or similar, like many corporations, I'm fairly sure that it won't take an actual warrant to get it. Many corporations open their hands the moment that the feds ask for information, and that's without asking for a valid warrant for the information. Worse, you, as the owner/user won't know because it's done completely behind the scenes. That information could conceivably include local passwords, any information backed up, the bitlocker keys that are there to supposedly safeguard your data, etc.. Worse side of all of that is while it's considered your data, with others having access to your data, what does it take to actually slip in something that would incriminate someone; you know, add in some false evidence.. It's almost insane to trust any corporation with your data as it's for convenience and data harvesting that they provide such services; and most won't side on protecting your data from the feds, let alone any hackers out there.
@reaper15a agreed! Had someone comment the other day that they "loved my videos but obviously I don't care about privacy because I have a TH-cam channel". After staring at my screen, and realizing they ALSO have logged into TH-cam, I'm like..."you do realize you have to login to access your channel and create videos for other people to tell you that?' Some privacy is simply skipped over because we have to. Simple as that.
Unfortunately, the Supreme Court has consistently held that you don’t have a reasonable expectation of privacy in any information you “voluntarily” share with third parties. E.g., United States v. Miller, 425 U.S. 435, 443 (1976).
@@AskYourComputerGuy You can limit the impact of using TH-cam by segregating TH-cam to its own browser, using a dedicated TH-cam account that you don’t use for other Google services (and which is not linked to your main phone), and using a VPN. This combination makes it more difficult to track you using cookies and browser fingerprinting. But you have to be extremely careful and disciplined; a single screwup can result in more connections being made across devices and platforms.
I would say that your approach of using your Microsoft account to do the initial setup and then immediately setting up a local account as your daily driver is the best. The reason being that most newer computers are coming pre-installed with bitlocker, and should you ever need to access your computer without your password, or in cases where the windows update freaks out bitlocker as happened with several computers during the migration to windows 11, having that bitlocker key automatically saved to your microsoft account was pretty handy. This is for non-technical users with limited or non-existent secret protection solutions.
I never got the fetish about tools like Bitlocker etc. They’re a waste of resources and additionally a pain in the bum. If you want a decent enough data protection, e.g. in case your PC gets stolen, just use the HDD/SSD password protection that comes with every decent drive nowadays. For those of us not working at a 3-letter governmental institution, that’s a more than decent enough protection. Regular thieves won’t go through the complicated process of completely dismantling your drive to be able to get to your data, so any form of Encryption is like shooting midges with cannons. On top of that, you don’t need an overcomplicated password to protect your drive. It should just be something that’s easy to remember but HARD to guess. Apart from the obvious no-no’s, almost any word is as good as any other. Most drives lock up after like 3 attempts, and you have to power them down and back up before you get another 3 attempts. No thief, or unknown person will go through that process on the odd change of guessing right. They’ll just throw out the old disk and put a new one in. So, your data is almost guaranteed to be safe, case you PC gets lost. I’ve been using drive passwords for 10+ years now w/o any problem whatsoever. That being said, DON’T FORGET YOUR PASSWORD(!) (which btw. is true for any password, and also Bitlocker), because there’s absolutely no cheap way to get your data back(!)
I completely agree with you. For Windows 10 or 11 Home edition it is called "Device Encryption" and it will automatically encrypt the local drive if the machine has a compatible TPM (2.0 or higher) and the user logs into Windows with a Microsoft account. The key is backed up to the Microsoft cloud. Of course if you decide to use a Microsoft account the the Windows login (which I don't recommend either) you absolutely must be sure 2FA is enabled or you could lose everything. You could of course enable the option for OneDrive to keep a local copy of the files on the drive, at least this gives you a failover. Good video and very good points you mentioned, thx for sharing.
> and it will automatically encrypt the local drive if the machine has a compatible TPM (2.0 or higher) and the user logs into Windows with a Microsoft account. Nope. It encrypted both my local and secondary drives and without logging into a ms account. Everything by itself, without telling me anything. Fortunately from inside windows you can just go to the options, disable it and it decrypted the disks for me immediately. Still, sheesh.
That's interesting, because Bitlocker on Pro doesn't work like that. There is no automatic encryption and you're explicitly informed that you should backup your recovery key, although it doesn't force you to do so. It even has an additional protection where it won't allow you to store the recovery key on the drive it is going to encrypt. But the drive on my laptop which came with the Home version of Windows 11 wasn't encrypted and it didn't encrypt it during setup. When I upgraded to the Pro version Bitlocker became available, but I still had to go to the relevant panel and turn it on.
The measly amount of free storage space is what did it for me. Inexperienced as I was, I went along with the cloud storage because being able to transfer files from one computer to another is vital if, say, your old computer starts dying while you're still in college. But once I realized that I would have to pay for more cloud storage space to have everything in one spot despite my new laptop having close to a full TB of free storage, I had to figure out how to get my first 5GB worth of stuff off of oneDrive and into the same directory as everything else.
ONE THOUSAAAAAAAAAAAAND PERCENT! Thank you SOOOO much for putting this video and its statement out into the world! Hopefully it helps as many people as possible to be aware that any companies acting as big brother are problematic to their lives, and that they can choose to be safer and simpler without big brother's help...in this case on their newly purchased MS OS Computer. "MANUAL OVER-RIDE, CAPTAIN"
Agree 100%. One of my clients used the PIN to enter her laptop and forgot the Microsoft account's password, because she never used it. One day, the PIN didn't work, because of an error that I found out was due to corruption in the security structures of Windows, probably due to an upgrade or something. She lost everything, because the disk was also BitLocker encrypted. And the backup in the cloud? Without the account's password, that is useless. The password was impossible to reset.
@@Sr.DeathKnight Couldn't you use another machine and go through the password reset procedure? Then just reconnect to the internet on the 'old machine', log in with the new password.
@@wildwizard33 You have a HUGE confusion about the security system of Windows and almost any operating system. You can't reset the passwords of one Windows installation with another Windows installation. That would be a lethal security problem for Microsoft and the system wouldn't be security compliant with anything. If you mean resetting the password online with Microsoft, I already said that the password was impossible to reset.
You only need to backup what you want to keep. Steam/EA/Store library can be downloaded, PC can be reinstalled. So focus on the local user folder and keep the downloads folder tidy. If you just backup the user folder and turn off Bitlocker you can do without a microsoft account. Photos don't change so they should be archived but don't archive them on microsd/ssd or any kind of solid state storage. For 5 years hard drive should be fine but any longer, I suggest archival quality dvd-r (might take dozens of these) or blu ray (not cheap). Who can say what will happen to Dropbox/Onedrive etc in 20 years time? It may be convenient but it's not air-gapped.
@-ari nothing, but mechanical storage is historically more reliable. When a mechanical drive starts to fail, you usually get some indication. SSD drives often just stop working (when they die) with no or very little chance of recovery
I’m glad you mentioned the Bitlocker thing, but it’s not Microsoft that enables Bitlocker or Device Encryption (Bitlocker’s little sister on Win Home devices) it is the OEM. Except in the case of Surface devices where MS is to blame for enabling it and not informing their customer. Dell is particularly bad at enabling this on customers systems during factory imaging and never telling them. If a client skips the MS account setup and opts to do a local account set up they are guaranteed locked out should the recovery key prompt show up and the disk gets locked.. if they HAD set up a Microsoft account during OOBE setup their recovery keys would be found in their MS account and they would have a way to get to their data and recover everything (unless something goes awry as you mentioned and the recovery key doesn’t work). This can be circumvented by setting up an MS account during OOBE setup, then deactivating/signing out of your MS account as it’s log in. Either way, since disk encryption is so unnecessary for average users, OEMs REALLY need to stop enabling it or at the very least ship systems with an info packet with giant lettered warnings and a printed recovery key explaining what they did with it. I’ve had too many tragic “no it’s all lost” conversations with Dell owners (and lately HP owners) because Bitlocker was enabled and something went wrong. Alternately I’ve been able to unlock nearly every single encrypted drive where somebody followed the steps to enable an MS account during initial setup and get their systems unlocked and recovered, which has been great. I appreciate you pointing out all of the other settings that most people don’t know they don’t need an MS account as an active login for too.
Without encrypted drives, any computer login (be it at POST or into Windows) is just for show. Take the disk out (if bios is PW protected and you can't boot your trusty Strelec PE) and you have all the data. Use any of the many available tools to reset the local account password and voila, you're on the desktop. This is a huge issue as one gets a false sense of security - the login to their desktop is password protected, they have to type the password every day after all. So how is it that someone could get the access to their stored banking, socials, work accounts, government site accounts etc. stored on the computer? So I wouldn't say encryption on a private computer is unnecessary, that would be a very uneducated thing for me to say.
A thing to add: I agree users should be better educated, should obtain the encryption keys on a paper with the new computer and be explained why they are important or that the users can turn the encryption off as well. But encryption causing loss of data is on par with loss of data caused by drives dying or of ther hard issues (power surge comes to mind) - users have no assurance for the safety of their data from the manufacturers. Same as with data loss due to the above, it's the user's responsibility to take measures to mitigate the risk (i.e. do backups) for the case of encryption issue. BTW, one of the causes of getting the prompt to enter the bit locker key is drive failure - for which everyone should know by now one needs to take precaution and backup data. (Another common cause is TPM failure).
I think its not the OEM, I can confirm its using the microsoft account with you device. I did format my new computer with the medía creation tool (win10) because I don't want the bloatware from the oem (its enough with the windows one ) then later I got the win 11 automatic update. Then the motherboard failed. I put my ssd to an external adapter to transfer the files to a new machine and surprise!!!!!
I have seen so many laptops recently from OEM’s that have bitlocker enabled but not activated (mostly win pro) and even those are hell because that means that your pc is locked and you can get the key but you will never get the prompt to actually save the restore key but you have to actively look for it yourself… the fact that you open control panel and enable bitlocker and it’s instantly encrypted created some suspicion for me, so the for next device I used “manage-bde -status” and guess what it was encrypted without a key. I am not saying I use Github windows keys personally for my private devices…. But for me it starts to become sort of acceptable that if a big company is allowed to screw you over, a personal consumer uses a trick to upgrade to windows pro to disable a lot of this shit isn’t to much of a crime. And I wouldn’t judge them. Others might disagree with my vision. Btw my first study laptop screwed me over this way (windows 10 pro on a HP Probook 450 g7) it did taught me to use proper backup so that was a win though 😅
Tip for Windows 11 users who want to set up a local account: DO NOT CONNECT TO ANY NETWORK. Infact, if you have the option, Turn Off your Wifi. If it cannot get to Microsoft, Windows is forced to have you create a local account ONLY.
@@carlmichael5592 I just two days ago made a new install to a friend with Windows 11, just unplug the network cable, chose "not access to internet" and proceed to install it. That created local account, that I needed to create another for MS account to get the activation done, and then deleted that account.
@@AskYourComputerGuyafterwards, do we have to do any other command prompts? It works, but I don't know if I'm free and clear or if there is more work to be done... Thanks!
Good points. I'm a retired programmer with over 30 years experience who never had a Microsoft account. I manage my own backups and don't use Onedrive or any of the Microsoft office software. I bought two miniPCs this year with Windows 11 and did not have to create any Microsoft account in order to start using them. If anyone wants to use that stuff that's fine, that's their business, but it's not necessary in order to use the OS. Most of my work I do on FreeBSD or Linux anyway.
Great video. We need to open more eyes to this problem. Even if you don't use a Microsoft account to login to your computer, Microsoft is *still* gathering way tooooo much info about your activities. *EVERY* click to open a folder or file or application, or installing or removing an application (and LOTS more!), is telemetry that is getting sent to Microsoft. I use a separate, third-party firewall that allows me to monitor and *block* this violation of privacy. Their claim to "making the product better" is BS.
not bold at all.... Google does the same.. Are you suggesting it's better NOT to know ?? Perhaps they shouldn't be gathering sensitive info, but that still doesn't refrain on not telling users.... I'd rather a honest company, and let me decide, then a dishonest one which doesn't reveal all (to some level)
A form of Bitlocker is on Windows Hone though it's called Device Encryption and it does require a Microsoft Account. Bitlocker itself doesn't require a MS Account and can back keys to a text file, printed paper, on-prem or Azure AD Domain controllers.
@Impact009 well, a) Scott doesn't lie. That wouldn't be good for channel growth or trustworthiness of the 50,000+ people who have subscribed and b) Microsoft says it won't. Which of course makes me think it probably does. That was the whole point..how can a machine with W10 Home be locked? 🤷♂️
I will say though, for home users with a Microsoft 365 account, you get more storage than 5 GB. It's 1 TB I do believe, and the synchronization across multiple devices is a nice convenience. As well, you have the ability to choose which folders are replicated to the cloud. Professionally, my general routine for set up of new systems is to create a local account as the initial "super user" account with administrative rights, then the machines is attached to the AD which is maintained locally and not Azure Active Directory. The user will log in with the rights and permissions I've established through my DC and then I'll connect the users' Microsoft 365 account to that AD account.
Thank you - this is the first sensible, fully informative comparison of MS and other procedures/programs. I have continuous issues with the whole MS setup. I don’t use OneDrive and various other problems. Great video! Kathy.
Interesting video. You suggest all the same things I've been suggesting to friends and family for years. Personally, I use a NAS on my local LAN for backups. I've never, not once in decades have had a need for "Cloud Storage". OneDrive as a service doesn't exist on my machines. One of the first things in a long list of things that I remove after a new install(along with Feedback Hub). That's my biggest pet peeve about the Windows 10/11 installer. It just throws everything on the machine without asking. Yes, I know, I can create a custom installer but I shouldn't have to.
I really dont understand why ordinary people want the cloud for everything. I stay out of that as long as I could. I think 90% of the people dont need the cloud.
@@Vanadium Because you can sell most people on "convince" It is why so much is by subscription or is all digital and can go away at any minute. Sony just told a bunch of people that a load of movies and shows you bought will be pulled from your libraries.
@@VanadiumIt also makes it so my pics and phone are easily accessed without having to sign in to my machine each time. It sounds stupid when i say it but i find there really aren't a lot of great ways to get photos off your phone from your computer. the best option is connecting my phone to the computer with a usb cord and then its slow and often disconnects. the cloud always mirroring what images are on my phone is a nice convenience. I am someone who takes a lot of screen shots and pictures of something as reminders of things i have to get done. sometimes i use it for documents but having it for everything is not wise. those accounts can go bye bye for various reasons and your data is not as precious to the cloud companies as it is to us.
20+ years fixing computers myself and I agree 100%! One additional trick when doing a fresh install aside all the others I`m reading, just don`t connect the machine to the internet until your are in the desktop, that also works ;)
Yep, that's the trick I use when installing Windows in VMs. Don't set up internet in the installer. Finish the installation, then set up internet once you escape the OOBE.
That used to work. It's been a while since I tried it but (from memory) a couple of months ago, fresh install with no Internet STILL insisted on using a Microsoft account instead of a local account. I had to run an oobe switch to bypass the Internet prompt and THEN reboot and eventually got a prompt to set up a "limited functionality" local account.
@@davidchristensen811 Good to know! But the USB stick that I use to install Pro/Home (let`s say the normal versions) is a bit outdated (21H2) because I`m lazy and prefer to just run the updates later has part of my testing.
Your video made me feel really good about having ditched Windows for Linux. I am not a sophisticated user by any stretch and have adjusted to Linux after having used Microsoft operating systems my whole life, since before Windows. No regrets.
Yup, same here. I have a multi-boot machine but very rarely use Windows for anything. My kids, however, have to use it for some school work so they have Win10 on their machines with local accounts.
@@billmiller4800 Libre office is great, reads all windows stuff, I have even opened old 'Works' databases and documents in Libre office that MS office would not open.
I made the switch a few years ago when W7 support ended. After trying a zillion different distros, I settled on Opensuse Leap w/ Gnome desktop. What a relief! Linux allows you to do things your way, not MS's way.
On the ease of accounts being compromised, it's a bit misleading. Microsoft recommends everyone use the Authenticator app and Windows Hello, and is encouraging people to ditch passwords altogether. Realistically, if you follow the recommended process by Microsoft, which every user is asked to do during setup, an attacker would need to not only have your password but also your phone and your thumb in order to gain access to your account.
I've had a MacroShaft account for years, but I've found I might need to log into it maybe twice a year . . . I'd rather keep my data backed up on my own hard drives, thank you :)
POSSESSION is 9/10ths of the law, you know. Cloud storage is just us GIVING them our personal stuff, of which they can claim ownership, in many legal situations. OOOPS.
I would like to say I really do agree with this except in one specific situation, and that is setting up Family users. When you want to setup simple cross-device management for child user accounts then using Microsoft Family with individual Live IDs for logins for your kids can be very beneficial. It is one area where you cannot get that same capability with just a local account and, at least from all that I have tried or investigated, requires your kids accounts to login with a Windows Live ID.
@@DatamasterCorporation No but by setting hours of activity I can set reasonable expectations for when they can be on electronics and when they should be off sleeping or taking care of other responsibilities. It also helps when I get a flag about a topic or website that was searched that came up as flagged if it's something we need to have a discussion about one-on-one or as a family, which has been tremendously helpful for my kids to learn about open communication and trust. I get that Microsoft Family (or any other access management system for family for that matter) may not be the solution for everyone. For us it has worked great. I simply was stating that for THAT specific solution, as per the subject of this video, you do have to use Microsoft accounts for it to work. There are many alternative options though!
I'd like to clarify that this is part of Windows Defender (now known as Windows Security) which no longer requires an MSA. It behaves quite similarly to how the Parental Controls feature behaved in both Windows Vista and Windows 7.
Speaking as someone who worked for Microsoft for 2 decades. I totally agree with you. It is not that MSFT is bad, they are genuine in their attempts to make your computing experience seamless across all the devices that you use. However, that requires that you are online to login to your system. (especially if you aren't using the corporate versions of Windows). So if you have concerns that your system has been compromised & you want to isolate it, to backup specific files before wiping it, you can't. And you risk the compromised link & other files syncing to your other devices. So on your new PC. Create a local admin account, Create a local account. Log in with your local account. Then login to the Microsoft services with your Microsoft account as/when you need them. You get the same experience with the MSFT tools. But you've reduced the attack surface of any scan/hack attack.
I appreciate your input! I get so many comments on this channel saying that I hate Microsoft - just the opposite! Microsoft has allowed me a great career. But there are still things people need to know if they aren't educated (which Microsoft fails miserably at doing). Thx again, I really appreciate it! 👍
Or if there's a problem with your internet router, you can't login to the desktop to get to the router interface to fix it because Windows won't let you login without the Internet. This is the biggest argument for using a local account as far as I'm concerned. So many Windows features were designed on the assumption that internet access is ubiquitous, which it isn't.
@theharper1 you don't need internet access to login to your local router. You just need the IP address that the router assigns every device when connected to the network. Whether internet is flowing or not doesn't affect router login 👍
@@AskYourComputerGuy if you are using a Microsoft login and the internet connection is lost, you can't login to the PC to get to a browser to fix the router.
Great video. You are correct that Onedrive storage is limited to 5GB. However with Office 365 your Onedrive storage is 2TB per user. You failed to mention that.
Correct, and that gives Microsoft a potential extra 1.995TB of your personal data to mine. I for one have never had a Microsoft Account, and I never will.
You must pay each year for msft365. That is the catch. I have office and have paid 50$ for unlimited use. With all that money saved, I can buy a great NAS that is very very fast and do not need msft cloud that is slow and buggy. No msft account and their spyware. No Edge browser that is very dishonest and pushes their advertisement and fake news. The Nirvana!
I always make this my number one tech tip with windows. Always make a local account. It's how they did it back then and that's how you should do it now. Sadly the main issue with this argument today though is that Microsoft has made it more difficult to make a local account especially with Windows 11. The only tools we have to stop this behavior from the corporate conglomerate is using Linux as your daily driver.
While I try and use Linux as much as possible, there's still instance where I need to use Windows for certain things (whether that be hardware updates for peripherals or certain software). I'm still happy I can do 90% of what I need to on Linux. It's just finding that right Linux install that works for you.
Just a farmer here so I could be mistaken, but there's a couple things I would add. Unless they've blocked it, you should be able to skip making a MS account by using oobe\\bypassnro during setup. Windows 11 also changes the CPU scheduler, so 12th gen and up Intel processors are more effectively utilized.
If you have any short, simple answers you seek, please ask! Would love to show homage to Harry Morgan and mention your handle in an upcoming Q&A short ❤️
This is one of the reasons I've never used Windows 11, among other things. I still gladly use Windows 10 and only give Microsoft the absolute bare minimum info. In fact, I recently bought a laptop running Windows 11 and immediately wiped it and installed Linux Mint. The Windows boot screen never saw the light of day once.
You can just use Windows 11 with a local account, in all the ways described in the video. Just switch to a local account. It doesn't even create a new desktop or wipes your browser history, you re-log in locally, and see your entire environment exactly as you've left it.
@@jelleludolf using winaero, open shell and do not spy 11 one gets a pretty decent experience with classic features reactivated & reimplemented, as well as turned off microsoft bs. replacing the microsoft apps with better free or even open source programs ( like libre office and vlc media player) gives a nice experiebce.
@@contra_planoIs it really that much cheaper? I mean what about the mini computers that only cost 150 bucks. they dont sell with an option to install an os on your own. I only see it costing that much if you buy it from windows separately. Did you not pay for your windows license at all? because yeah then its much cheaper. You dont have to answer that.
Personally I use Linux for quite a few years now already. Mostly because I just like to use something that looks different from what everyone else is using and also it looks quite beautiful. Also I like it because it is more safe and has better performance. For most people that are using a computer for basic things I can recommend to look at Linux and see if you can use one of the hundreds of distrobutions
a lot of the major distros now also have data collection baked in (like Ubuntu for instance) and a lot of programs/games that some people have do not function/function well on linux. but you are correct, linux is really the way to go, tho it still has its issues when run on a computer that has more than 1 screen.
@@CodeDonut There is a difference though, Ubuntu (and every other distro that does any degree of data collection) does not retain the fact that the data is yours. In other words they can't see that billy bob joe installed X package on Z date and has used it W times. Instead they see that Y number of customers installed X packaged and used it an average of W times. And as a result that data has no real value for anyone besides the distro developers searching for ways to improve their software.
@@CodeDonut Gaming on Linux is far and away better than it used to be. Thanks to Steam Proton, everything my kids and I want to play these days works almost flawlessly. Ubuntu-lite distros like Mint also remove a lot of the garbage that Ubuntu bakes in. I still wouldn't recommend Linux to your standard windows email/browser user unless they have someone knowledgeable to help them on occasion.
For geeks out there, with enough time on their hands, I agree. For people like me, needing to use specialized tools and other things on hand than having more than enough time on hand to “play” with Linux, unfortunately that’s hardly an option. And then there’s also the “problem” of the literally hundreds of variants of Linux. Why are there so many people out there that think, they need to make their own, “better”, or at least different variant of Linux? What’s that good for? The Linux community as a whole could do itself the biggest favor ever, if everybody stopped doing their own thing, and everybody would start working as a group, developing just the 3 or 4 or so variants that are really needed (for the average user) in real life. Until that happens, Linux will go nowhere (as far as the consumer market is concerned), as has been the case for the last 20+ years. Alas, that’s wishful thinking and will never happen, so we’ll be stuck with windows for a long time to come.
I don't even setup a new system with a MS login. There are various methods to skip this, and I highly recommend it, as initial setup can tattoo some settings that are annoying to get rid of. They're mostly minor, like account picture and stuff, but I do have to use Teams in a browser because of a MS account (they may have fixed this now, but since I use Teams for work, keeping it in a browser suites me). This might be because I converted a MS account to local, I don't remember, it's been too long. Suffice to say, I just don't even bother with my MS account anymore, and setup new machines with a local account right out of the box.
Good Vid ... I totally agree with what you have stated. Having over 41 years (believe it not since DOS 1.0 and now retired) support on Microsoft - you are right ! There is only one other point. Do not accept the default installation of using single hard drive as the ONLY partition for the operating system and data. I don't care what anybody says, I have spent enough time trying to recover corrupted system partitions to know that you can kiss your databases goodbye, if your primary partition is corrupted when you have your database stored in the system partition! Split your drive space in half and setup a data partition to store your database. It is very rare that you lose the data partition when the system partition has been corrupted, unless the hard drive is faulty. Golden Rule = backup backup backup
All your points are well taken. When I set up my windows 10 I don't remember being asked about using a Microsoft account but that was a couple years ago so I could easily forget. Either way I went local as I don't like my accounts to be tied to a corporation. Privacy is my concern. I didn't know about the other downfalls. My wife set her own computer up and I found out she had used a Microsoft account until I was doing a favor for her and backing up all the 1000s of pictures on her phone. I had created my own account on the computer, local. I copied the pictures into a picture folder which I had to create?? A bit confused at that point so. When she logged in the pictures weren't in her picture folder. I switched logging into mine and could see the folder with the pictures. Long story short, I created a shortcut on her desktop so she could access them. What a mess.
I wouldn't store photos on cloud either since they can be erroneously flagged (like imagine having too many skintones will be flagged as pornography or how a random pattern is mistaken to be a sign for dangerous or racist organizations) and automatic flagging never learned. Got flagged multiple times on Facebook erroneously myself. A father in the US got banned from Google after sending a medical condition picture to his doctor and there is no malicious intent ever. Currently i store wallpapers in Google Drive but just to be safe it's all scenery, vehicles, pixel art, and abstract art. No humans or animals. It can be flagged wrongly.
That would have been the case if she had created a local account too though. As you say, privacy is your concern so, quite rightly, you can’t access the personal data of the admin of the computer that you’ve created a guest account on. You certainly can’t push your own personal data into their pictures folder without hacking.
@@PippetWhippet In this case it wasn't trying to hack my data into their personal folders. It was confusions created by the fact that she had already moved some stuff from her phone into her folders and I was trying to finish for her. Where was the stuff she had already moved? Having just one account would have made it a lot simpler. During my years of supporting users in a corporate environment finding files was probably the most often problem I encountered. I can see having of computer storage as great for really important stuff that needs backup but it should be in a fashion that is understood. I suspect many average users who are using the microsoft accounts don't even realize their stuff isn't actually on their computers.
@harveybc when profiles are made they have their own storage space. So the "desktop, pictures, documents, downloads, music, videos" folders are separate for each user. They are located on the c drive in the Users folder. Easiest way to share between profiles is create a folder on the c drive directly or better yet create a new drive partition and put the items in there.
Worth mentioning that a local account "protected" with a password, can have the password pretty easily removed, pretty quickly by anyone that knows what they are doing in that dept., and has access to the computer. Not so easy with a Microsoft Account, like almost impossible with 2 factor enabled.
Even with 2FA, I can reset a Microsoft account password off a machine in about 3 minutes using 4WinKey. Granted it's only the cached copy and when you log back in, Microsoft will notify you there is a problem with your account, but then you can click to change the password. But at least you're back in instead of being locked out. Here's what I use, it's been a Godsend for me in my local business : How to crack a Windows password FAST? SOLVED! [2022 update!] th-cam.com/video/LFMjbvzO3ZQ/w-d-xo.html
As a support person with 40+ years in the game, this has been book marked. Will keep this as a reference for my argumentative clients who wish to use a Microsoft login and/or BitLocker. That said, I've taken on clients because they've been bit by either of these choices previously.
Before I say anything else, use whatever operating system you want--whatever you're most comfortable with. With that said, this is why I switched over to Linux Mint. My computer feels like a computer now. Linux stays out of my way unless I need it. It can still connect to the Internet and allow me to watch videos, go on social media, and so on. I can still listen to music and play games and write documents. It's not perfect, but my hardware is my hardware. That's refreshing in this day and age.
I agree with everything except when you said you cant use a local account with Bit locker. You most definitely can. I only sell machines with the PRO version and always setup a local accounts for the customer even if they have a Microsoft 365 account.
Also a 25 year IT Professional. Instead of fear mongering, learn to use your computer. People often fear what they don't understand. Learn about the services available to you and what they do. Then learn to use your computer responsibly. You can keep critical data on your system but take adequate precautions to protect it and don't put all of your eggs in one basket - invest in redundant back up solutions. External drives, network storage, and an offline protected backup of more critical information. If your computer was stolen, destroyed in a fire, or otherwise stopped operating, this gives you multiple ways to rebuild and not lose your data. Sorry but this advice has been preached many times by many more wise IT Professionals for at least 30 years and I remember hearing it 40 years ago before the internet was common place. Just browsing responsibly can make a major difference in keeping your computer secure.
This is fine and all for tech people, but the average consumer doesn't care about this. They don't want to learn, they want something that just works when they hit the power button. Windows has been so dumbed down that nowadays most people have no idea how to use basic features of their computer.
@@sigh-cosis "Windows has been so dumbed down that nowadays most people have no idea how to use basic features of their computer." Did you ever see Mac OS?
Great review and spot on privacy advice. I keep 2 towers, one for gaming and life, the other is just storage made of the last computer build. It has 5 or 6 hard drives currently, soon to be +1. Basically whenever I build a new computer, I get a new drive just for it, and the old hard drive goes into the second tower, from there I can duplicate whatever as a backup when one of those drives fail, I think the oldest surviving drive is nearly 20 years old lol... no cloud, no nothing. If I want to copy something over to the main computer, thumb drive or email. Only issue I see coming is all new builds will be M.2, so expansion cards / multislot motherboard for the next one to prepare.
with ipv6 it’s also possible to expose part of your nas storage to the internet and use it as a personal cloud. Likely the upload bandwidth will be limited, should be fine for documents and such. The hassle is all the security is now on yourself.
I agree 100%. Fantastic video. Excellent information. Wow. Nice job. Man, you NAILED it. I want to add that I already knew most everything you are talking about, but you just reinforced in concrete in my mind exactly how I feel about this subject. Thank you for this video. You just said exactly what I needed to hear. I will probably watch it again. It's that good.
Never heard of that problem with Bitlocker. Seems like a very unusual problem. Ideally the user's OS and the files should be on separate hard drives so the risk of data loss is minimal.
Bitlocker is very useful and I think the benefits for regular Jane outweighs the risks. You wouldn't want your data to be unencrypted when your laptop is stolen. But that said, Linux >> Windows and LUKS >> Bitlocker.
@@Tech-geeky Separate partition should be fine. An extra drive provides added protection against hard drive failure, which is admittedly rare, but with SSDs can occur abruptly. Better safe than sorry.
@@jonathandawson3091 From experience I'd say bitlocker (and honestly most encryption) is way to advanced for a regular run-o-the-mill Karen or Carl user to be using. I always advice against using bitlocker unless the customer TRULY know what they are doing and TRULY understand that if the 24-something digit lock-code is lost, then your material is lost forever.
I've been using a local account for a while now, but my kids are on ms accounts for login as it helps with family safety and management. Would love to hear your thoughts on that
I totally agree with you! I feel my privacy and my right are invaded ever since they started these damn things! This kind of Violation of personal privacy and right needs to be stopped!!!
I totally agree !! I stay as far away as possible from any Microsoft BS. Excellent video. ! Keep up the great work. I appreciate the time and effort that you place in your videos !! 👍👍 ⭐️⭐️⭐️⭐️⭐️
Couple of things we noticed about the bitlocker issue. We have seen windows machines with local accounts with bitlocker getting enabled during the oobe without letting the customer know. This is with oem installs of windows on devices with modern standby enabled during the oobe. The ones with local accounts with bitlocker enabled have lead to data loss. the only ones we have had any chance at recovery were the ones with microsoft accounts unfortunately. Due to this reason, on new laptops we wipe and reinstall windows before sending them to users.
This is the thing A lot of people do not understand. Even though you don't log in with a Microsoft account you could inadvertently be associated with a Microsoft service that could be designated as an account and a BitLocker key could be issued. At some future system update or bios update the BitLocker key could be activated and you'd be completely locked out of your computer.
Totally agree with everything you told me. It has irritated me for years how control is taken over from your machine. The stupidity of making windows restore almost impossible to get to. The Uefi Bios is terrible. The override function to bypass the boot selection is often dramatic. I often look back to the good old days where you had more control over your machine and operating system.
Excellent tips! I would add that you can actually activate your computer by tricking the MS prompt. Type in a fake email and password, and it errors out and lets you continue activating with a local account. The other issue with MS practices is that it can be really confusing for seniors. A lot of our senior customers would be lost having to navigate that labyrinth, so we stick with local accounts for them, local backups, and RMM to ensure device health.
Linux, OpenBSD, Unix... It was ingrained in us to always have a user, NOT a "Super User" account. In Windows you can always reboot or worse flatten and reload. On a large machine shared by many users, admins had to shut down processes and Daemons, fix them and bring them back on a running platform.
I am a teacher and in our IT classes (we train students with basic hardware, software, office and service desk work, that kind of thing) we still always learn them to only use local accounts, from day one when they first install windows 10 or 11 on a school device. If they go to work in an organisation that requires microsoft logins, that organisation will explain it.
What? Are you serious? So you teach non-best practices to students then let the company that hires them train them correctly??? really? Logging into a system is step 1 and should be lesson 1.
@@tshackelton we are not talking about corporate it jobs that require degrees, but the low end, service desk employees, people who mostly will give advice to ordinary people with 1 laptop...
Wondering what you male of this? Worries me/still on 10 Pro ---- Windows 11 has strict hardware requirements and even the slightest deviation means something will not work in Win11. I have tried it with 3 different computers, and something different was out of whack on each one. Microsoft has tried their best to make it look and operate more like a Mac. Also, Win11 is an "always online" OS, meaning it's always trying to connect to Microsoft online services and it assumes that you want to be always online and sharing absolutely everything with the whole world, and getting constant feeds from everywhere. It also needs to be online because it is constantly downloading updates from Microsoft (as in: every other day), so if you're not connected, it will start downloading updates every time you start up.
Agree with your Mac comment. I'm not even a Mac user, and I've been saying this since I saw Win 11. On my corporate network, I've blocked updates beyond Win 10 with a GPO.
I downloaded Windows 11 for testing on notebook. While janky at first, it was ok but I don't prefer it over 10, especially because many clear defined options have their text replaced with icons. Since after 2 years I still can't really get used to those icons, I stick to Windows 10 on my pc. Note: While a debloater removes pre-installed stuff, I felt it made Windows janky on occasion.
@@whothefoxcaresWouldnt the notebook computer feel like it was just rejected and discarded? Maybe you feel the user would be happier, although not sure about the notebook computer. (I disagree that having a MacBook Air is automatically going to make someone happy. I get that you are likely a Mac Stan though so, you wouldnt understand)
I don't find ipads etc much of a replacement to netbooks etc. It isn't great for those of use that do long legal docs etc etc. I really do loathe MS though with its relentless interventions etc egtc etc @@TheMikePemberton
You forgot that local accounts handle networking and network sharing easier. Its not more insecure, its just that local accounts see each other without the extra hoops that might or might not solve the network visibility issue which just compounded when using either older devices or none-windows OSes. When MS first rolled out logging in with MS accounts, Local and MS accounts literally could not communicate on the same network, all they could do was network passthrough for internet use. Same issue when setting up a Home Network vs Work Network.
Interesting because my two Windows 11 pcs did not want to see each other until I signed in on an old Hotmail account lol. I use no cloud services period. I knew someone else with the same issue with a few pcs, they created a single MS account and they work together now.
@EJAYHILL1977 Then why would two pcs running Windows 11 not see each other properly on an Xfinity router? They would not talk to each other one would pop up but could not see the other, had the simplest sharing no password options picked like in the past. Maybe one of my installs is weird then lol but I did run SFC on both.
@@nbrown5907 Easy, because the COMCAST XFINITY ROUTERS are proprietary garbage, and are known for being completely crap routers. I run my own router on a 100+device home network, using PFSense and never have these issues, and I run an unRAID system for my network storage for the whole network, all of which besides 3 XB1's and a Laptop that run Linux, every single one can see and access everything on my network. If I were to go back to an ISP controlled/supplied router, most of my stuff probably wouldn't work right. Also without modifying things in GPE to allow for non-secure anonymous login on anything, Windows 11 since the last quarterly update has disabled that.
I was so sick of these microsoft behaviors that I switched to Kubuntu LTS 10 years ago. Despite the hurdles of learning a new platform, my "OS stress" is quite low now. No viruses, no reinstalling everything, no being locked out of your own computer. Highly recomended!
Agree 100%. Further protection: when you sign in to apps, do NOT use your actual information when setting up the accounts. I NEVER use my actual birthday, I never use my actual addresses, name, etc. I always try to annotate the new account and what settings were on it. Next item: There's an old expression in Word: "Save Early, Save Often". I have a 1T external drive that I download to. One thing I am doing now, is to start making sure that any Word, PPT, Excel sheet that I am done with gets turned into a PDF and just keep making sure that I make hard copies of all of it. Absolute PITA for the most part and I still have a ways to go to get it all done, but when I'm finished, my entire career for both jobs will be hard copy in the filing cabinet and soft copy in the external drive. Once I'm satisfied there, all the sensitive stuff is removed. As long as you do it early and often, it only takes a few minutes. That way groups like Micro$ft, as well as other malicious groups, are minimized.
When you are using an external drive, make sure you have several redundancy drives, not just 1 spare. Believe me, i had 3 external Seagate Barracuda drives that crashed without warning. Full hardware mechanical failure. Impossible to retrieve the data without sending the drives to a clean room harddrive data retrieval specialists who could possibly snoop on your files while they are recovering them. I now use 3 Western Digital external drives that are replicas of my laptop harddrive.
@@origenjerome8031 This is one of the reasons I suggested hard copies of everything. Yes, I know, really, really cumbersome and space intensive, but a hammer to the side of the filing cabinet won't destroy the contents.
I agree 100%. I miss the days when Windows was just an operating system, not an advertising machine, that collects all your data using useless features as an excuse.
Oh, and the incessant advertising for Office 365, expanded OneDrive, etc everywhere - even file explorer. It's horrible.
Indeed
I often wonder what my Windows 11 is doing behind the scenes. I do not trust Windows at all anymore.
My last favorite OS was Windows 7.
Like Google Crash Handler. I hate that executable and immediately delete it from my computer upon discovering it running. It's an erroneous title. It doesn't manage crashes. While it's running, it slows down your computer and sends "telemetry data" to Google. What I'm doing on my computer is my business, and I don't want something running on it that Google snuck onto it via a browser update.
I really miss Ms-DOS and Norton Commander days - no ads at all! )
I agree, I miss the days when your windows computer was really "your own machine". Little by little everything seems to be moving to away from a standalone computing environment to a cloud based subscription model which feels very intrusive. Thanks for the great videos
Sad but true. Thx for the comment 👍
You do not have to use such systems. You can choose.
It's the reason I moved to Linux and I don't regret my Choice
For me, it's Windows 98 and Netscape Navigator, a much simpler life. It all showed so much promise. When I retire I'm going to just sit there and type games into a ZX Spectrum just to be away from T&Cs and this "Second life"/"1984" hell I find myself in.
@DJ-Eye 😂😂😂
As an IT professional with over 25 years of experience, I agree with you 100%.
Thank you! I appreciate the support very much :)
Likewise. And I only back up to local portable drive, with my own backup software - not the Microsoft products. Once a week, I put that drive into a safety deposit box at my bank, swapping between five drives.
@MrJest2 smart!
Same, lol. Try 27 lol
As an IT professional with over 30 years of experience, I haven't heard such nonsense in quite some time.
I'd quite like to address this video point by point but a) it's 1:30am and b) I have a funeral to deal with tomorrow. So maybe later.
I still remember Windoes 98 when there was no need to login to anything it was just a computer. I miss that.
Agreed!
Well, unless your usingmore than one desktop. When I had win 98, my dad shared my computer and I gave him his own local account and desktop.
the goal is to move us towards 'you will own nothing, you will pay eternal subscription fees - and you will be happy'. time to not support this cr*p
Yeah, I used Windows 98 well into the 2000s.
Miss Windows 98. I do have Windows 7 running on an old laptop.
Great video as always! And you don’t even need to sign in with a Microsoft account at all during initial setup. If you type ‘a’ into the username and password fields, it will tell you something went wrong and just let you make a local account. As someone who works in IT and sets up new computers all the time, this is a huge lifesaver.
Yup! 💪
Does it allow you to use the App Store with local account? I only use windows in airplane mode for photoshop. My main system runs on MX.
@rohitk8797 yes. I show that in the video 👍
Thanks for this tip. I was infuriated when I was installing a new computer for my parents. I knew some workarounds with Win 10 (and pro version), but this of course had a win 11 home. I don't even remember how ended up installing it in the end (probably with my throwaway ms account and removing it after I got the local admin setup).
I'm wondering if the EU is having a look at this as it's basically forcing you to use ms account (unless you're quite advanced in it).
And that Bitlocker being activated silently.... yeah, I've had my share of those problems at work. And those were win 10 pro machines that weren't installed with ms account at all, but rather in local domain. I don't remember WHY that happened, but I wasn't amused trying to figure that out. After that I usually remembered to deactivate bitlocker after initial installation 😂
@Garbox80 the difference is, YOU know about BitLocker. Unfortunately, the non-techie masses don't. And if this happens once to some unsuspecting novice, that's one time too many...
There is one advantage you didn't list... and that's having the Windows license being bound to that user account rather than the motherboard of the system. So, if you have to replace the motherboard, or you build a new computer, you don't have to worry about activating Windows. However, that's really mostly relevant to the DIY space. It's also a double edged sword, because if your account is hacked... you might never be able to get back in, and that activation would be useless and you have to get a new key.
Regardless... I always use a local account as my login to the machine, for all the reasons you listed. People need to keep in mind that Microsoft doesn't care about selling Windows anymore. They're more about selling services and your data. Windows is no longer the product... you are.
Excellent points, but I was pretty sure that the activation stopped with "significant" hardware changes. Not supposed what Microsoft considers "significant", though..so there's that 👍
@@AskYourComputerGuy I changed my motherboard and that considered it a significant change. Changing GPUs and RAM don't count as significant.
@jer4rud0 agreed
@@AskYourComputerGuy I have several test benches here that I've swapped the CPU, GPU and RAM countless times, often the CPU and GPU at the same time, and never had one deactivate. The only change that I'm aware of that will require reactivation is changing the motherboard.
@TheGameBench that makes sense, since the activation is stored in the BIOS 👍
For me "you can't log in into your machine until microsoft allows you" is enough to forfeit all the possible benefits.
100% agreed!
It's enough to F Windows entirely.
@@jovetj one of the reasons I'm switching on my laptop. But I'm not amused with battery life. Plus I have dual graphics which is another level of problems.
you forgot to put "YOUR" in caps
@@jovetjOf course, and you should if possible. Everything you actually *need* works on Wine anyway.
Computer guy of 30 years here. Watched your video with interest. It reinforced and crystallised my own feelings about local accounts versus MS accounts. The information about Bitlocker also useful and interesting. Thanks
Agree 100%. One of my clients used the PIN to enter her laptop and forgot the Microsoft account's password, because she never used it. One day, the PIN didn't work, because of an error that I found out was due to corruption in the security structures of Windows, probably due to an upgrade or something. She lost everything, because the disk was also BitLocker encrypted. And the backup in the cloud? Without the account's password, that is useless. The password was impossible to reset.
@@Sr.DeathKnight THAT is scary! I'm a total novice with this stuff - I also have my Xbox account & had to backup all my game captures to onedrive thru my XBaccount. I agree with this and didn't know we could even bypass the PIN thing when I first got it.
Imagine being a store owner and then being told that you need a PIN from another company far, far away to be able to activate the door to your store when just using a physical key should be enough safety for you.
Bitlocker is a Linux layer that loads before Windows does. So, why not just use Linux? Computer engineer since 1982.
Bitlocker is used by default in new installs and refreshes of Win 11 starting with the most recent major update.
As an IT professional for 26 years, and a PC geek since 1978, I avoid any external authentication related dependencies I can when configuring a workstation, (especially authentication!!!!), and for a company that we already know exploits there users as a "product". So, I also agree with you. That said, I use a completely different login for packages such as Microsoft Office (I don't use office365 at home), a different login for skype, etc... on new installtions I disable onedrive, and avoid other "cloud" logins where ever possible.
👍
I fixed mumy windows issues by installing debian lol
I never log into my Microsoft account and have my Windows 10 lockedl down as far as possible. I have never used The Cloud and warn all my friend against using it. I also don't use Outlook but use Thunderbird. The idea to to use as little of Microsoft's products as possible. I don't use Skype. For backups I use a 5x4tb WD Red Hard Drive system (USB 3) which I only connect when I want to access the files there or perform backups. I also have a 1tb NVME hard drive off site held be a friend who I never phone or send an email. That keeps big brother out of the picture.
@desoneill5489 nice!
Totally agree with you. It's MY computer, MY data and I am not going to add another dependency (that as you mentioned, can be hacked) between me and MY computer.
In fact, I circumvent using the Microsoft account when installing/setting up the OS.
It's bad enough that we've given up so much control over our computer in the HOME editions (which are verging on spyware).
Agreed!
Totally right.
I moved to Linux after Microsoft "accidentally" forced Windows 10 upgrades on a ton of users, myself included. Telemetry that can't be entirely disabled? No thanks. And the last 5 years have been amazing for gaming on linux, thanks to Valve's Proton framework. Honestly, I have no reason at all to return to Windows and I'm relieved for that. As you said, it's MY computer, MY data, and I prefer using an operating system that respects that entirely.
@MrCobalt 100% 💪
As long as you run windows, your computer is not your computer. It's Microsoft's computer, you're just allowed to use it. Local account, Microsoft account, as long as you're connected to the internet it doesn't matter. Switch to Linux.
As an IT professional with no years of experience, I agree with you 100%.
🤷♂️
I was a computer tech, and the amount of people both home and corporate users who had no idea they had bitlocker installed was astounding. If I had to replace a system board on a machine that could not post, and when presented with the the Bitlocker recovery key would think its my fault and responsibility to fix.
Agreed! And that's a hard conversation to have with someone who just lost everything. Some things are just not fixable
Normally the bitlocker key will get stored on the microsoft account. So as long as you know that you can get it.
@@AskYourComputerGuy
Backup, backup, backup can't be stressed enough. And the average user typically doesn't understand the value of rotating backups until it's too late.
@@AskYourComputerGuy That is why I ALWAYS pushed my clients to setup a NAS and companies to have a portable that would be kept off premises. It is insane how they would fight over cost an inconvenience.
Then they have a catastrophic loss.
I ALWAYS said we can restore from your latest backup! Some had it other didn't.
I've never been a fan of "cloud" storage "because it's easy" easy for hackers too!
@@cruisepix
My mantra is, there is no Cloud, it's simply another computer somewhere, and that means another weak link in the chain that a hacker can exploit. The number of data breaches testifies to that. An off-site backup is the safest route to take.
The first thing I do when I want to install Windows 10 is to unplug the Internet cable or turn off Wi-Fi.
This allows you to bypass the Microsoft login requirement and have peace of mind.
Great video. I absolutely agree with you! Greetings from Germany!
you can also just chose this option while installing. At least this was last times i installed windows 10, lately i only install 11 and there it is also an option, while being connected to the internet.
@ArgelTal_ 👍
@@ArgelTal_ i've seen that option be funny. another youtuber had a video about this subject and showed it missing and how to get it back. @CreatureOFTheVoid mentioned it being hidden during install in another comment on this video a month ago. but just put "a" for both user and password and it will redirect to a private account. there's other ones that work, too, like "admin".
@@TheJacklikesvideos Funfact, i have to correct myself i guess. I think the Option is only availiable at the Pro versions since i installed my first windows 11 home yesterday after a long time. And this option was not availiable!
@@TheJacklikesvideos Is the "a" thing true? All the tutorials require you to use cmd and disable OOBE in order to bypass this
Wanted to make some changes to my microsoft account for ages and didnt even quite realize that i login with my ms account, this has pushed me to finally do it, thanks
Excellent presentation. Retired IT guy here... used to be a Sr. Application Developer. You are spot on!
Thank you for the support 👍
As an IT professional from 1981! - and as many other folk have said here - I totally agree 100% with your advice. It is appalling how MS treats it’s customers, (or it’s competitors - Netscape et al.) And MS’s policy of more or less forcing / tricking Win 11 users of certain editions to always use an MS account is even more of a concern. They really are as bad as ever were.
And did I suffer a retro 1970’s acid trip? BUT - didn’t MS say ‘Windows 10 was the last operating system you will ever need to buy’?
Thanks for your great content.
I appreciate that!!! 💪
@@AskYourComputerGuy And I appreciate you reading my comment and replying sir! (I think you’ve had over 4,300 and well deserved too.) Greetings from the UK.
@stephenbarrette610 thank you, my friend 👍
Pepperidge Farm remembers them saying Win10 was the last one! lol
LoL, in 1983 I was in Junior high School taking Courses like FORTRAN and COBOL, there were no ral PC's at that time! okay I had a Comodore vic 20, Timex sinclair 1000 and stuff but PC's were not the common thing, so what Fortune 500 company did you work for? I joined the military in 85 and stuck with Electronics and IT.
I have used a Microsoft account for many years and I have come to the same conclusion as you ..... I don't need or want a MS account anymore so starting tomorrow I will be switching all my PC's (4 desktops) over to a local account ..... keep the vids rolling you have some very good info about computers.
Thanks, I appreciate that! :)
How about… switch over to Linux instead 🫡🤪
@John3_16_ Stay tuned! Working on a new video called "Windows expert tries Linux for the first time". Thought it would be am educational video to show Windows users exactly how difficult a time they will have switching when ALL they know (like me), is Windows. Should be an interesting evaluation from a newb standpoint! 👍
The thing about the "having things backed up to Microsoft's accounts means a subpoena could let a three letter agency see all your data" thing is that the same applies to pretty much any other online backup software. The only way to get around that is to back things up using an external harddrive, which can be rather tedious...
👍
Does not stop a three-letter agency from getting subpoenas for your local stuff if they want it.
@tjmasters7532 correct, but why give them any more "free data" to potentially use via Microsoft? Seems logical that if they have a reason to come after you, they'll find a way...but no sense in doing the work for them 😂🤷♂️
Hell if the hard drive is lost or stolen.
I can't foresee me doing something that would make the government interested in my PC. I'm more concerned with spyware, malware, and things that could compromise my computer and cause my personal financial information to be compromised. That's a threat regardless of how you login your computer. I also think one of the most important things a person can do is frequent backups of their data. Even if you do cloud backups of some things (Which is insanely slow for people in area that don't have super high speed internet connections.) You should backup your entire computer (image, files, however you decide to) that is stored on local offline storage. If the client that had to have their entire drive formatted had a local backup, they could have made a full recovery, minus only the most recent data.
Thank you. I just switched to local account after your video. I was pissed off when I been forced to use Microsoft account during installation. And I just forgot about for almost 2 years. Thanks again for the remind.
As an IT Professional practicing for 40yrs I could not have presented it better myself. Well said sir.
I'm quite new to the profession, I have only been doing it for a couple of years after getting my degree. I have yet to meet an experienced IT Professional who has 1 good thing to say about using a Microsoft Account as your Windows user account.
Thank you very much! I appreciate that :)
@poltergijs9959 there just doesn't seem to be a logical reason 🤷♂️
@@AskYourComputerGuy I notice a lot of people aren't even aware it's an option to use a local account, it's in the way Microsoft almost forces you to use a Microsoft account when first installing the OS. But I mean, what else is new ;)
@poltergijs9959 agreed. Part of what motivated me to make this video 👍
Wow!! Thank you SO much for this eye-opening video! I'm a long time Windows user and I honestly never gave it a second thought logging in with my microsoft account versus a local account. That's going to change. I'm also going to share this with the many other users I know in hopes they will change their ways as well. Appreciate this!
You're very welcome!
I agree.
The thing about the webless password reset is that it only works if you still have the same phone number.
Just dealt with that with a customer. They forgot their PIN and also changed phone numbers. So the only way to get around that is to trigger a recovery and wait 30 days for the reset. That's not an exaggeration.
In the future I will be making sure I setup clients to login locally.
Smart! 💪
I've known this since the login was instituted, and the bitlocker issue for years, but I gratefully laud you for spreading this information.
I appreciate that 👍❤️
Hello,can you please tell me how to resolve that issue,even I logged with work/school organization account and having bit locker issues
For those that do decide to use an MS account for their login, or have their non-primary account setup to use MS authentication, I STRONGLY advise you setup Windows Hello authentication for the account using a Microsoft login (you can use a PIN if you don't have a biometric scanner on your computer and can even allow a PIN to be longer than 4 digits and include non-numeric characters making it a local-only password in effect). If you forget your MS account password, or get locked out of it due to having a compromised MS account, your PIN/biometrics will still work to unlock your device since the PIN/Windows Hello sign-in is specific to that one device, not synced to the cloud. Having a device that you can access that has/had been tied to your MS account may also improve your ability to recover your MS account. (Makes things a lot more similar to how an Apple/Google account works on mobile devices). I think that MS accounts will let you use email addresses that were removed for 2 weeks to a few months in the event of a breached account as well as part of the recovery process if you have some other way to prove you are the account owner (say with a linked device that was linked before having your account compromised).
Good tips for those that choose to use MS logins 👍
Setting up various recovery methods is something to do on all "freemail" type of accounts, Yahoo, Google, Microsoft, Facebook. Too often people entirely lose access to their years of data in that free account. And the big companies generally don't have phone support or any way to reach out.
Yep, and don't save passwords in your browser or cloud based repositories. Lastpass were my password manager, then they got hacked. So now it's locally stored in KeePass with backups on multiple devices instead, changing passwords every x months.
@mikfhan 👍
since when is a 4 pin better than a password? I guess its more memorable, but since people don't like using complexity anyway these days no matter what, why should it matter?
One does not have to be a geek to have a visceral nauseous response to the idea that a corporate entity can not only be sniffing your data but also lock you out from your own "personal" computer. Having your data sniffed is bad enough, all depends on your tolerance for having your privates sniffed, but the idea you can be locked from access to your own property is beyond the pale. If you have a need for that sort of humiliation and degradation there is always marriage and access to a spouse that will be happy to lock you out of your own property.
100% yes
Windows is going to become a cloud service, similar to how you can play Xbox games in the cloud. I believe a good amount of people will move to Linux as some already have. Microsoft keeps updating Windows and breaking it, imagine it as a cloud service.
@@xlr555usa They're luring us all into the cloud and other traps and once enough of us are there with no exit option they'll threaten to drop you without a parachute to keep you in line every time you try and push back against the extortion. Even if you're a Windows groupie & not particularly impressed with Linux it is absolutely critical that we keep alternatives alive be it cash, banking, computing whatever. A world where (for example) the Canadian Truckers can be shut down by the banks or a company like Amazon's AWS can "fire" a customer like Parlor is a very dangerous world indeed
But your still wasting your time bub 😂 NSA has access to every packet being sent no matter what you do , you think you matter? When worlds most wanted hackers get letters from the NSA saying they know who they are 😂 they don’t even have to arrest them to show em who’s boss. The idea of privacy is pathetic it’s 2023 no mater what you do you won’t have privacy… go google Pegasus I believe v2 came out 😂 privacy haha 😂
Linux doesn't care 😉
Call your user "Count Dickface the Third" for all the devs care 😂
In a world where corpo software creeps on you by default, using FOSS *must* become the default.
To prevent forcing to create a Microsoft account during initial windows setup, make sure to disconnect the internet from the computer during the welcome wizard.
that way Windows setup would offer you to skip that step and create a local account directly without ever needing to create a Microsoft account/user on the computer.
That works if you have a LAN connection, but if you use wifi and don't disable it PRIOR to setup, you're going to be stuck creating a microsoft account. You can still create a local account afterwards, but it's still a pain.
@@AskYourComputerGuy I have a LAN when I installed my Win11 4 days ago. but if you have a WiFi but there is no Wifi connection would it not work?
@yoelstrikovsky I believe, even if you can't connect to a network, it still won't give you the option to skip. I could be wrong though
@@AskYourComputerGuy worth the shot. I don't have a computer with WiFi only , so i can't test it out. maybe if you got time some day you can test it and let us know...
Actually today is wfiey's birthday today so I'm taking some time for her. And I don't have any systems ready to be setup at the moment. Might just have to dig on Google for this one 👍
As an IT professional - with about 25 years of experience - of MICROSOFT (+ 10 of various breeds of Unix ), I agree with you 100%.😃 IMHO Microsoft is a good servant , but a rather suspect master. (Look who founded it!)
Just found your channel - looks really useful! Thanks!
Thank you for the support, and welcome to the community 👍
Absolutely agree. I've always used a local account, but they're deliberately hiding and making it harder and harder to do. So glad I finally switched to Linux a year back after a Windows automatic update self destructed... never wanted to deal with the learning curve of a new OS, but it's worth it not to deal with Micro$oft's snooping and nonsense again!
Stay tuned. Currently working on a video called "Windows expert tries Linux for the first time". I want to show everyday Windows users with SOME experience just how simple or difficult it would be to switch to Linux - what works, what doesn't, etc. Naturally a VERY involved video idea, but it's in the works! 👍
I've been using Windows since 3.1 and the latest developments are very concerning. It's now well over the line for what I consider acceptable. Linux works fine for my needs.
Getting fed up with windows. The move to linux is not far off@@AskYourComputerGuy
Learning curve is the real issue. Everyone is too lazy to learn it, let alone implement it. There's a reason why local accounts are getting harder to do. I believe that simplicity is more a factor than it is a conscience effort of collecting data or having access to data. Most people are careless of their data than they like to admit.
@@AskYourComputerGuy I find it funny that Linux always comes up when it comes to Microsoft. Asking a Windows user to work with a Linux distro is just as ridiculous as a Mac user using a windows PC. Ironic considering that Mac Os is based on FreeBSD.
One huge negative of logging in with a MS account is if you use a password manager to generate huge random passwords like I do, it’s basically impossible to type your password in without the aid of your password manager anyway.
Unreal Tournament let’s gooooooooo!
@@John3_16_ Damn right! I've yet to see a multiplayer FPS since UT2004 that wasn't a disappointment compared to it.
@@praetorxyn agreed. Did you ever try the new one (terminally in beta/early access sadly) before epic shut it down (because they seem to have abandoned anything good at this point)? I played it a little. It was actually quite reminiscent to UT99/UT2004. There is a player base keeping it alive with maps/servers if you look into it. Only takes a little finagling to get online with it.
@@praetorxyn Cube 2: Sauerbraten is pretty good, but it's also kinda dead now. But some rounds with a couple friends is always a good fun.
@@Gramini I never got to play UT2004 with friends anyway, as we only had dial-up and I didn't have friends to play LAN with at school anymore by then. But I've probably logged hundreds of hours with the bots and had a blast.
Been using a local account for years and tell others to do the same thanks for the video.
You got it!
These were exactly my experiences, my thoughts and feelings..word for word.
This was useful to learn as someone going into the IT field. If I didn't need my machine to be able to run videogames, I would likely install Ubuntu Linux instead of MS Windows.
Hopefully Linux becomes more broadly compatible with games in the future.
Agreed. Glad you enjoyed it :)
You could always dual boot. That's what I do. Using Mint as my daily driver and work machine, with a separate partition dedicated to Windows just for games that I could afford to lose.
As I mentioned in another comment, the Proton framework that Valve maintains has made gaming on linux a thing now and it's constantly getting better. From Cyberpunk to Baldur's Gate 3, I've been playing games on linux now for years and it's been great. Some of them run better on linux, too. Anytime I run into an issue getting something to run, I can typically find the Steam settings on protondb and I'm set.
@MrCobalt good to know, because I'm working on a new video "Windows expert tries Linux for the first time". It will definitely get a mention 👍
@@squ34ky If you have a Radeon card you could also set-up a KVM if you want to not be limited by the partition that you made.
Also makes it easier to boot up if you ever quickly want to boot a game that doesn't run well with proton or wine.
This is a really good review and I agree with all of the points made. Also, for archiving and backing up your work, good quality plug-in USB hard drives are an alternative. You just have it sitting on your desk and plug it in to your laptop when you need it. In fact, nothing gives me more personal satisfaction than purchasing a USB hard drive from Toshiba/ Western Digital or Seagate. I feel like I am buying myself a Christmas present.
Yes, I love my local backups. But how do I stop Windows from pestering me to setup OneDrive? I don’t want my data on your cloud storage, so GO AWAY, M$.
Ever since i knew ransomware and ever since i knew how SSDs aren't necessarily longer lasting than HDDs i put good care on not putting important files in internal drives.
Not even android which could get lost or shorted.
@@tinear4 Try the startup tab in task manager and dissable onedirve in the there.
Better still, buy an SSD with good capacity and an external USB3 container for it. SSDs are more reliable and way faster.
USB drives are a great SPOF for your backups. Get a simple 2-bay NAS in RAID 1 so you'll have an opportunity to save your backups if a drive fails.
I've said it before, you are THE BEST PC Tech I've ever listened too. I work for 19 Major Companies as their full time Systems Administrator & You really know this Tech World!
Wow, what an amazing compliment! Thank you for brightening my day, week and month 💪
So are you over-employed or just contracted? I'm assuming the latter.
Please clarify.
@@AskYourComputerGuy asking @HideOut55007
I appreciate you spreading the word. FWIW, I am fairly sure that if a 3 letter federal agency asks Microsoft for confidential information from someone's computer, their account, or similar, like many corporations, I'm fairly sure that it won't take an actual warrant to get it. Many corporations open their hands the moment that the feds ask for information, and that's without asking for a valid warrant for the information. Worse, you, as the owner/user won't know because it's done completely behind the scenes.
That information could conceivably include local passwords, any information backed up, the bitlocker keys that are there to supposedly safeguard your data, etc.. Worse side of all of that is while it's considered your data, with others having access to your data, what does it take to actually slip in something that would incriminate someone; you know, add in some false evidence..
It's almost insane to trust any corporation with your data as it's for convenience and data harvesting that they provide such services; and most won't side on protecting your data from the feds, let alone any hackers out there.
You're probably right. But why just offer it up anyway? At least give yourself a little bit of peace of mind that you're "protecting" yourself 😂
@@AskYourComputerGuy Anything you login to online is this way. Even right here with YT ...
@reaper15a agreed! Had someone comment the other day that they "loved my videos but obviously I don't care about privacy because I have a TH-cam channel". After staring at my screen, and realizing they ALSO have logged into TH-cam, I'm like..."you do realize you have to login to access your channel and create videos for other people to tell you that?' Some privacy is simply skipped over because we have to. Simple as that.
Unfortunately, the Supreme Court has consistently held that you don’t have a reasonable expectation of privacy in any information you “voluntarily” share with third parties. E.g., United States v. Miller, 425 U.S. 435, 443 (1976).
@@AskYourComputerGuy You can limit the impact of using TH-cam by segregating TH-cam to its own browser, using a dedicated TH-cam account that you don’t use for other Google services (and which is not linked to your main phone), and using a VPN. This combination makes it more difficult to track you using cookies and browser fingerprinting. But you have to be extremely careful and disciplined; a single screwup can result in more connections being made across devices and platforms.
As an IT unprofessional with 20 years of experience, I agree with you 100%.
I would say that your approach of using your Microsoft account to do the initial setup and then immediately setting up a local account as your daily driver is the best. The reason being that most newer computers are coming pre-installed with bitlocker, and should you ever need to access your computer without your password, or in cases where the windows update freaks out bitlocker as happened with several computers during the migration to windows 11, having that bitlocker key automatically saved to your microsoft account was pretty handy. This is for non-technical users with limited or non-existent secret protection solutions.
Bitlocker freaking out, is one of the main reasons MS tells you when you go to upgrade to Windows 11, to turn off and disable Bitlocker.
The joy of MS now putting BIOS updates in Windows Update and not mentioning "oh turn off the Bitlocker!" Carnage!
Any machine with a pre-installed OS gets WIPED and MY clean Windows OS version gets installed: did I mention clean (using local account only).
@BrilliantDesignOnline smart!💪
I never got the fetish about tools like Bitlocker etc. They’re a waste of resources and additionally a pain in the bum.
If you want a decent enough data protection, e.g. in case your PC gets stolen, just use the HDD/SSD password protection that comes with every decent drive nowadays. For those of us not working at a 3-letter governmental institution, that’s a more than decent enough protection. Regular thieves won’t go through the complicated process of completely dismantling your drive to be able to get to your data, so any form of Encryption is like shooting midges with cannons.
On top of that, you don’t need an overcomplicated password to protect your drive. It should just be something that’s easy to remember but HARD to guess. Apart from the obvious no-no’s, almost any word is as good as any other. Most drives lock up after like 3 attempts, and you have to power them down and back up before you get another 3 attempts. No thief, or unknown person will go through that process on the odd change of guessing right. They’ll just throw out the old disk and put a new one in. So, your data is almost guaranteed to be safe, case you PC gets lost.
I’ve been using drive passwords for 10+ years now w/o any problem whatsoever.
That being said, DON’T FORGET YOUR PASSWORD(!) (which btw. is true for any password, and also Bitlocker), because there’s absolutely no cheap way to get your data back(!)
I completely agree with you. For Windows 10 or 11 Home edition it is called "Device Encryption" and it will automatically encrypt the local drive if the machine has a compatible TPM (2.0 or higher) and the user logs into Windows with a Microsoft account. The key is backed up to the Microsoft cloud. Of course if you decide to use a Microsoft account the the Windows login (which I don't recommend either) you absolutely must be sure 2FA is enabled or you could lose everything. You could of course enable the option for OneDrive to keep a local copy of the files on the drive, at least this gives you a failover. Good video and very good points you mentioned, thx for sharing.
Good points you make as well! Thanks! 👍
> and it will automatically encrypt the local drive if the machine has a compatible TPM (2.0 or higher) and the user logs into Windows with a Microsoft account.
Nope. It encrypted both my local and secondary drives and without logging into a ms account. Everything by itself, without telling me anything. Fortunately from inside windows you can just go to the options, disable it and it decrypted the disks for me immediately. Still, sheesh.
@charginginprogresss "sheesh". That's a very mild way of putting it 😂😂😂
That's interesting, because Bitlocker on Pro doesn't work like that. There is no automatic encryption and you're explicitly informed that you should backup your recovery key, although it doesn't force you to do so. It even has an additional protection where it won't allow you to store the recovery key on the drive it is going to encrypt.
But the drive on my laptop which came with the Home version of Windows 11 wasn't encrypted and it didn't encrypt it during setup. When I upgraded to the Pro version Bitlocker became available, but I still had to go to the relevant panel and turn it on.
You're pretty passionate about this. I can respect that.
The measly amount of free storage space is what did it for me. Inexperienced as I was, I went along with the cloud storage because being able to transfer files from one computer to another is vital if, say, your old computer starts dying while you're still in college. But once I realized that I would have to pay for more cloud storage space to have everything in one spot despite my new laptop having close to a full TB of free storage, I had to figure out how to get my first 5GB worth of stuff off of oneDrive and into the same directory as everything else.
👍
Great video, which confirms my suspicions against windows11. That is why I’ll still be using windows7 x64 on all my computers. Greetings from Europe.
👍
I liked Windows 7...!
ONE THOUSAAAAAAAAAAAAND PERCENT! Thank you SOOOO much for putting this video and its statement out into the world! Hopefully it helps as many people as possible to be aware that any companies acting as big brother are problematic to their lives, and that they can choose to be safer and simpler without big brother's help...in this case on their newly purchased MS OS Computer. "MANUAL OVER-RIDE, CAPTAIN"
💪👍🍺
😆 ....until Apple does the same thing that is...
Apple won't do the same thing 🤞
Linux install captain?
Dude, you are a one-stop shop for all my questions regarding this issue - thank you!
Thanks, I appreciate that! 💪
I 100% Totally agree. I always pick the Offline sign on option when setting up new computers.
Live by the Cloud, Die by the Cloud.
There is no Cloud, just somebody else's server. ;-)
Agree 100%. One of my clients used the PIN to enter her laptop and forgot the Microsoft account's password, because she never used it. One day, the PIN didn't work, because of an error that I found out was due to corruption in the security structures of Windows, probably due to an upgrade or something. She lost everything, because the disk was also BitLocker encrypted. And the backup in the cloud? Without the account's password, that is useless. The password was impossible to reset.
@@gabialbutziu cant stop laughing
@@Sr.DeathKnight Couldn't you use another machine and go through the password reset procedure? Then just reconnect to the internet on the 'old machine', log in with the new password.
@@wildwizard33 You have a HUGE confusion about the security system of Windows and almost any operating system. You can't reset the passwords of one Windows installation with another Windows installation. That would be a lethal security problem for Microsoft and the system wouldn't be security compliant with anything.
If you mean resetting the password online with Microsoft, I already said that the password was impossible to reset.
You only need to backup what you want to keep. Steam/EA/Store library can be downloaded, PC can be reinstalled. So focus on the local user folder and keep the downloads folder tidy. If you just backup the user folder and turn off Bitlocker you can do without a microsoft account. Photos don't change so they should be archived but don't archive them on microsd/ssd or any kind of solid state storage. For 5 years hard drive should be fine but any longer, I suggest archival quality dvd-r (might take dozens of these) or blu ray (not cheap). Who can say what will happen to Dropbox/Onedrive etc in 20 years time? It may be convenient but it's not air-gapped.
in case of keeping the downloads folder tidy, just move it to a different place outside of ~ and you are golden with that point aswell :)
whats the problem with solid state storage?
@-ari nothing, but mechanical storage is historically more reliable. When a mechanical drive starts to fail, you usually get some indication. SSD drives often just stop working (when they die) with no or very little chance of recovery
@@AskYourComputerGuy oh, I see. thx for answering.
I’m glad you mentioned the Bitlocker thing, but it’s not Microsoft that enables Bitlocker or Device Encryption (Bitlocker’s little sister on Win Home devices) it is the OEM. Except in the case of Surface devices where MS is to blame for enabling it and not informing their customer. Dell is particularly bad at enabling this on customers systems during factory imaging and never telling them. If a client skips the MS account setup and opts to do a local account set up they are guaranteed locked out should the recovery key prompt show up and the disk gets locked.. if they HAD set up a Microsoft account during OOBE setup their recovery keys would be found in their MS account and they would have a way to get to their data and recover everything (unless something goes awry as you mentioned and the recovery key doesn’t work). This can be circumvented by setting up an MS account during OOBE setup, then deactivating/signing out of your MS account as it’s log in. Either way, since disk encryption is so unnecessary for average users, OEMs REALLY need to stop enabling it or at the very least ship systems with an info packet with giant lettered warnings and a printed recovery key explaining what they did with it. I’ve had too many tragic “no it’s all lost” conversations with Dell owners (and lately HP owners) because Bitlocker was enabled and something went wrong. Alternately I’ve been able to unlock nearly every single encrypted drive where somebody followed the steps to enable an MS account during initial setup and get their systems unlocked and recovered, which has been great. I appreciate you pointing out all of the other settings that most people don’t know they don’t need an MS account as an active login for too.
Without encrypted drives, any computer login (be it at POST or into Windows) is just for show. Take the disk out (if bios is PW protected and you can't boot your trusty Strelec PE) and you have all the data. Use any of the many available tools to reset the local account password and voila, you're on the desktop. This is a huge issue as one gets a false sense of security - the login to their desktop is password protected, they have to type the password every day after all. So how is it that someone could get the access to their stored banking, socials, work accounts, government site accounts etc. stored on the computer? So I wouldn't say encryption on a private computer is unnecessary, that would be a very uneducated thing for me to say.
A thing to add: I agree users should be better educated, should obtain the encryption keys on a paper with the new computer and be explained why they are important or that the users can turn the encryption off as well. But encryption causing loss of data is on par with loss of data caused by drives dying or of ther hard issues (power surge comes to mind) - users have no assurance for the safety of their data from the manufacturers. Same as with data loss due to the above, it's the user's responsibility to take measures to mitigate the risk (i.e. do backups) for the case of encryption issue. BTW, one of the causes of getting the prompt to enter the bit locker key is drive failure - for which everyone should know by now one needs to take precaution and backup data. (Another common cause is TPM failure).
I think its not the OEM, I can confirm its using the microsoft account with you device. I did format my new computer with the medía creation tool (win10) because I don't want the bloatware from the oem (its enough with the windows one ) then later I got the win 11 automatic update. Then the motherboard failed. I put my ssd to an external adapter to transfer the files to a new machine and surprise!!!!!
@EduardoRamirez-em5qw there is much controversy over this - some say it's OEM, some say Microsoft. A deeper dive is probably necessary here
I have seen so many laptops recently from OEM’s that have bitlocker enabled but not activated (mostly win pro) and even those are hell because that means that your pc is locked and you can get the key but you will never get the prompt to actually save the restore key but you have to actively look for it yourself… the fact that you open control panel and enable bitlocker and it’s instantly encrypted created some suspicion for me, so the for next device I used “manage-bde -status” and guess what it was encrypted without a key. I am not saying I use Github windows keys personally for my private devices…. But for me it starts to become sort of acceptable that if a big company is allowed to screw you over, a personal consumer uses a trick to upgrade to windows pro to disable a lot of this shit isn’t to much of a crime. And I wouldn’t judge them.
Others might disagree with my vision.
Btw my first study laptop screwed me over this way (windows 10 pro on a HP Probook 450 g7) it did taught me to use proper backup so that was a win though 😅
Thank you. Non professional here. I always use a local log in. Now I know I was making the right decision. Thank you.
💪
Tip for Windows 11 users who want to set up a local account: DO NOT CONNECT TO ANY NETWORK. Infact, if you have the option, Turn Off your Wifi. If it cannot get to Microsoft, Windows is forced to have you create a local account ONLY.
Even that doesn't work anymore, Windows will just stop there until it finds a network. Microsoft are getting more and more devious
@@carlmichael5592 I just two days ago made a new install to a friend with Windows 11, just unplug the network cable, chose "not access to internet" and proceed to install it. That created local account, that I needed to create another for MS account to get the activation done, and then deleted that account.
You can hit SHIFT-F10, type oobe\bypassNRO, restart and create a local account. For now 😂
@@AskYourComputerGuyafterwards, do we have to do any other command prompts?
It works, but I don't know if I'm free and clear or if there is more work to be done...
Thanks!
That's not true @@carlmichael5592
Good points. I'm a retired programmer with over 30 years experience who never had a Microsoft account. I manage my own backups and don't use Onedrive or any of the Microsoft office software. I bought two miniPCs this year with Windows 11 and did not have to create any Microsoft account in order to start using them. If anyone wants to use that stuff that's fine, that's their business, but it's not necessary in order to use the OS. Most of my work I do on FreeBSD or Linux anyway.
Great video. We need to open more eyes to this problem. Even if you don't use a Microsoft account to login to your computer, Microsoft is *still* gathering way tooooo much info about your activities. *EVERY* click to open a folder or file or application, or installing or removing an application (and LOTS more!), is telemetry that is getting sent to Microsoft. I use a separate, third-party firewall that allows me to monitor and *block* this violation of privacy. Their claim to "making the product better" is BS.
👍💪❤️
Thanks!
Thank you! I appreciate that 👍
Advertising ID is mentioned in their settings, too. Bold of Microsoft to tell you they want to send you custom ads based on your usage and browsing.
not bold at all.... Google does the same.. Are you suggesting it's better NOT to know ?? Perhaps they shouldn't be gathering sensitive info, but that still doesn't refrain on not telling users.... I'd rather a honest company, and let me decide, then a dishonest one which doesn't reveal all (to some level)
A form of Bitlocker is on Windows Hone though it's called Device Encryption and it does require a Microsoft Account. Bitlocker itself doesn't require a MS Account and can back keys to a text file, printed paper, on-prem or Azure AD Domain controllers.
However it is available on Professional and Enterprise (LTSC) editions only.
@@markarca6360 Assuming Scott wasn't lying, Bitlocker can be enabled in Home Edition.
@Impact009 well, a) Scott doesn't lie. That wouldn't be good for channel growth or trustworthiness of the 50,000+ people who have subscribed and b) Microsoft says it won't. Which of course makes me think it probably does. That was the whole point..how can a machine with W10 Home be locked? 🤷♂️
I will say though, for home users with a Microsoft 365 account, you get more storage than 5 GB. It's 1 TB I do believe, and the synchronization across multiple devices is a nice convenience. As well, you have the ability to choose which folders are replicated to the cloud.
Professionally, my general routine for set up of new systems is to create a local account as the initial "super user" account with administrative rights, then the machines is attached to the AD which is maintained locally and not Azure Active Directory. The user will log in with the rights and permissions I've established through my DC and then I'll connect the users' Microsoft 365 account to that AD account.
👍
Yass, but as soon as you miss payment your locked out of your data.
Yass, but as soon as you miss payment your locked out of your data.
@arnezbridges93 true
a 1TB drive is cheaper than a Microsoft 365 account and it's a one time payment and lasts a decade.
Thank you - this is the first sensible, fully informative comparison of MS and other procedures/programs. I have continuous issues with the whole MS setup. I don’t use OneDrive and various other problems. Great video! Kathy.
Thank you, Kathy! Much appreciated 👍 ❤️
Interesting video. You suggest all the same things I've been suggesting to friends and family for years. Personally, I use a NAS on my local LAN for backups. I've never, not once in decades have had a need for "Cloud Storage". OneDrive as a service doesn't exist on my machines. One of the first things in a long list of things that I remove after a new install(along with Feedback Hub). That's my biggest pet peeve about the Windows 10/11 installer. It just throws everything on the machine without asking. Yes, I know, I can create a custom installer but I shouldn't have to.
Got a Synology NAS video in the pipeline 👍
I really dont understand why ordinary people want the cloud for everything. I stay out of that as long as I could. I think 90% of the people dont need the cloud.
@@Vanadium Because you can sell most people on "convince" It is why so much is by subscription or is all digital and can go away at any minute. Sony just told a bunch of people that a load of movies and shows you bought will be pulled from your libraries.
@@VanadiumIt also makes it so my pics and phone are easily accessed without having to sign in to my machine each time. It sounds stupid when i say it but i find there really aren't a lot of great ways to get photos off your phone from your computer. the best option is connecting my phone to the computer with a usb cord and then its slow and often disconnects. the cloud always mirroring what images are on my phone is a nice convenience. I am someone who takes a lot of screen shots and pictures of something as reminders of things i have to get done. sometimes i use it for documents but having it for everything is not wise. those accounts can go bye bye for various reasons and your data is not as precious to the cloud companies as it is to us.
@TheMikePemberton I use Photosync. Cost me $6 for life time license. I can transfer from iPhone to PC, PC to Android and back. Best money I ever spent
20+ years fixing computers myself and I agree 100%! One additional trick when doing a fresh install aside all the others I`m reading, just don`t connect the machine to the internet until your are in the desktop, that also works ;)
Thank you! And agreed 👍
Yep, that's the trick I use when installing Windows in VMs. Don't set up internet in the installer. Finish the installation, then set up internet once you escape the OOBE.
That used to work. It's been a while since I tried it but (from memory) a couple of months ago, fresh install with no Internet STILL insisted on using a Microsoft account instead of a local account. I had to run an oobe switch to bypass the Internet prompt and THEN reboot and eventually got a prompt to set up a "limited functionality" local account.
@@davidchristensen811 Good to know! But the USB stick that I use to install Pro/Home (let`s say the normal versions) is a bit outdated (21H2) because I`m lazy and prefer to just run the updates later has part of my testing.
@KikuVasNormandy 👍
Your video made me feel really good about having ditched Windows for Linux. I am not a sophisticated user by any stretch and have adjusted to Linux after having used Microsoft operating systems my whole life, since before Windows. No regrets.
Awesome! 💪
Yup, same here. I have a multi-boot machine but very rarely use Windows for anything. My kids, however, have to use it for some school work so they have Win10 on their machines with local accounts.
Yup. And Microsoft 365 stuff still works fine on Linux if you need it!
@@billmiller4800 Libre office is great, reads all windows stuff, I have even opened old 'Works' databases and documents in Libre office that MS office would not open.
I made the switch a few years ago when W7 support ended. After trying a zillion different distros, I settled on Opensuse Leap w/ Gnome desktop. What a relief! Linux allows you to do things your way, not MS's way.
After having seen this video,I subscribe this gentleman knows what he's taking about.Thnks 4 this video..👌
On the ease of accounts being compromised, it's a bit misleading. Microsoft recommends everyone use the Authenticator app and Windows Hello, and is encouraging people to ditch passwords altogether. Realistically, if you follow the recommended process by Microsoft, which every user is asked to do during setup, an attacker would need to not only have your password but also your phone and your thumb in order to gain access to your account.
Unless the user's account is compromised by a man-in the-middle attack. I've had to support several of these recently. Nasty.
@ajkgordon 👍
I've had a MacroShaft account for years, but I've found I might need to log into it maybe twice a year . . .
I'd rather keep my data backed up on my own hard drives, thank you :)
Exactly! 💪
POSSESSION is 9/10ths of the law, you know. Cloud storage is just us GIVING them our personal stuff, of which they can claim ownership, in many legal situations. OOOPS.
I would like to say I really do agree with this except in one specific situation, and that is setting up Family users. When you want to setup simple cross-device management for child user accounts then using Microsoft Family with individual Live IDs for logins for your kids can be very beneficial. It is one area where you cannot get that same capability with just a local account and, at least from all that I have tried or investigated, requires your kids accounts to login with a Windows Live ID.
Do you also make your kids wear shock collars with a GPS in them?
@@DatamasterCorporation No but by setting hours of activity I can set reasonable expectations for when they can be on electronics and when they should be off sleeping or taking care of other responsibilities. It also helps when I get a flag about a topic or website that was searched that came up as flagged if it's something we need to have a discussion about one-on-one or as a family, which has been tremendously helpful for my kids to learn about open communication and trust. I get that Microsoft Family (or any other access management system for family for that matter) may not be the solution for everyone. For us it has worked great. I simply was stating that for THAT specific solution, as per the subject of this video, you do have to use Microsoft accounts for it to work. There are many alternative options though!
@@DatamasterCorporationare you suggesting being involved in your child screen time is somehow a tyrannical form of parenting?
Very weird take bud
@@dimitriuss you're weird
I'd like to clarify that this is part of Windows Defender (now known as Windows Security) which no longer requires an MSA. It behaves quite similarly to how the Parental Controls feature behaved in both Windows Vista and Windows 7.
Excellent video! Direct, clear and technically sound 100%! Great job helping protect us!
Much appreciated!
Speaking as someone who worked for Microsoft for 2 decades. I totally agree with you. It is not that MSFT is bad, they are genuine in their attempts to make your computing experience seamless across all the devices that you use.
However, that requires that you are online to login to your system. (especially if you aren't using the corporate versions of Windows). So if you have concerns that your system has been compromised & you want to isolate it, to backup specific files before wiping it, you can't. And you risk the compromised link & other files syncing to your other devices.
So on your new PC. Create a local admin account, Create a local account. Log in with your local account. Then login to the Microsoft services with your Microsoft account as/when you need them.
You get the same experience with the MSFT tools. But you've reduced the attack surface of any scan/hack attack.
I appreciate your input! I get so many comments on this channel saying that I hate Microsoft - just the opposite! Microsoft has allowed me a great career. But there are still things people need to know if they aren't educated (which Microsoft fails miserably at doing). Thx again, I really appreciate it! 👍
Or if there's a problem with your internet router, you can't login to the desktop to get to the router interface to fix it because Windows won't let you login without the Internet. This is the biggest argument for using a local account as far as I'm concerned. So many Windows features were designed on the assumption that internet access is ubiquitous, which it isn't.
@steverrobbins10 well said 👍
@theharper1 you don't need internet access to login to your local router. You just need the IP address that the router assigns every device when connected to the network. Whether internet is flowing or not doesn't affect router login 👍
@@AskYourComputerGuy if you are using a Microsoft login and the internet connection is lost, you can't login to the PC to get to a browser to fix the router.
Great video. You are correct that Onedrive storage is limited to 5GB. However with Office 365 your Onedrive storage is 2TB per user. You failed to mention that.
Correct, and that gives Microsoft a potential extra 1.995TB of your personal data to mine.
I for one have never had a Microsoft Account, and I never will.
You must pay each year for msft365. That is the catch. I have office and have paid 50$ for unlimited use. With all that money saved, I can buy a great NAS that is very very fast and do not need msft cloud that is slow and buggy.
No msft account and their spyware. No Edge browser that is very dishonest and pushes their advertisement and fake news.
The Nirvana!
@@davidanderson4091 and you think google isnt doing the exact same thing?
Fair...and correct
Smart 💪
I always make this my number one tech tip with windows. Always make a local account. It's how they did it back then and that's how you should do it now. Sadly the main issue with this argument today though is that Microsoft has made it more difficult to make a local account especially with Windows 11. The only tools we have to stop this behavior from the corporate conglomerate is using Linux as your daily driver.
👍
While I try and use Linux as much as possible, there's still instance where I need to use Windows for certain things (whether that be hardware updates for peripherals or certain software). I'm still happy I can do 90% of what I need to on Linux. It's just finding that right Linux install that works for you.
@peterschmidt9942 these are great points that i will incorporate into an upcoming video ("Windows expert tries Linux for the first"). Should be fun
@@AskYourComputerGuy I am subbed and i will be looking out for it.
Thanks!!!
Just a farmer here so I could be mistaken, but there's a couple things I would add. Unless they've blocked it, you should be able to skip making a MS account by using oobe\\bypassnro during setup. Windows 11 also changes the CPU scheduler, so 12th gen and up Intel processors are more effectively utilized.
Agreed!
BTW - absolutely LOVE the handle! Huge MASH fan since the early 70's ❤️
@@AskYourComputerGuy Thank you, Sir!
@ShermanT.Potter 👍
If you have any short, simple answers you seek, please ask! Would love to show homage to Harry Morgan and mention your handle in an upcoming Q&A short ❤️
This is one of the reasons I've never used Windows 11, among other things. I still gladly use Windows 10 and only give Microsoft the absolute bare minimum info. In fact, I recently bought a laptop running Windows 11 and immediately wiped it and installed Linux Mint. The Windows boot screen never saw the light of day once.
You can just use Windows 11 with a local account, in all the ways described in the video. Just switch to a local account. It doesn't even create a new desktop or wipes your browser history, you re-log in locally, and see your entire environment exactly as you've left it.
@@jelleludolf using winaero, open shell and do not spy 11 one gets a pretty decent experience with classic features reactivated & reimplemented, as well as turned off microsoft bs.
replacing the microsoft apps with better free or even open source programs ( like libre office and vlc media player) gives a nice experiebce.
i was smarter. i buy it without OS, less 100€
@@contra_planoIs it really that much cheaper? I mean what about the mini computers that only cost 150 bucks. they dont sell with an option to install an os on your own. I only see it costing that much if you buy it from windows separately. Did you not pay for your windows license at all? because yeah then its much cheaper. You dont have to answer that.
@@TheMikePemberton I have buyed a HP: HP Laptop 15s-eq2090np 15.6" - 930T4EA#AB9, 399€
I do not buy the most cheaper...
Personally I use Linux for quite a few years now already. Mostly because I just like to use something that looks different from what everyone else is using and also it looks quite beautiful. Also I like it because it is more safe and has better performance. For most people that are using a computer for basic things I can recommend to look at Linux and see if you can use one of the hundreds of distrobutions
a lot of the major distros now also have data collection baked in (like Ubuntu for instance) and a lot of programs/games that some people have do not function/function well on linux.
but you are correct, linux is really the way to go, tho it still has its issues when run on a computer that has more than 1 screen.
@@CodeDonut There is a difference though, Ubuntu (and every other distro that does any degree of data collection) does not retain the fact that the data is yours. In other words they can't see that billy bob joe installed X package on Z date and has used it W times. Instead they see that Y number of customers installed X packaged and used it an average of W times. And as a result that data has no real value for anyone besides the distro developers searching for ways to improve their software.
I have never accounted problems with several displays using Linux. Mostly Ubuntu and Mint, for about 7 years.
@@CodeDonut Gaming on Linux is far and away better than it used to be. Thanks to Steam Proton, everything my kids and I want to play these days works almost flawlessly. Ubuntu-lite distros like Mint also remove a lot of the garbage that Ubuntu bakes in.
I still wouldn't recommend Linux to your standard windows email/browser user unless they have someone knowledgeable to help them on occasion.
For geeks out there, with enough time on their hands, I agree.
For people like me, needing to use specialized tools and other things on hand than having more than enough time on hand to “play” with Linux, unfortunately that’s hardly an option.
And then there’s also the “problem” of the literally hundreds of variants of Linux. Why are there so many people out there that think, they need to make their own, “better”, or at least different variant of Linux? What’s that good for?
The Linux community as a whole could do itself the biggest favor ever, if everybody stopped doing their own thing, and everybody would start working as a group, developing just the 3 or 4 or so variants that are really needed (for the average user) in real life. Until that happens, Linux will go nowhere (as far as the consumer market is concerned), as has been the case for the last 20+ years. Alas, that’s wishful thinking and will never happen, so we’ll be stuck with windows for a long time to come.
I don't even setup a new system with a MS login. There are various methods to skip this, and I highly recommend it, as initial setup can tattoo some settings that are annoying to get rid of. They're mostly minor, like account picture and stuff, but I do have to use Teams in a browser because of a MS account (they may have fixed this now, but since I use Teams for work, keeping it in a browser suites me). This might be because I converted a MS account to local, I don't remember, it's been too long. Suffice to say, I just don't even bother with my MS account anymore, and setup new machines with a local account right out of the box.
I have grown fond of Ubuntu lately, much better for developing.
Good Vid ... I totally agree with what you have stated. Having over 41 years (believe it not since DOS 1.0 and now retired) support on Microsoft - you are right ! There is only one other point. Do not accept the default installation of using single hard drive as the ONLY partition for the operating system and data. I don't care what anybody says, I have spent enough time trying to recover corrupted system partitions to know that you can kiss your databases goodbye, if your primary partition is corrupted when you have your database stored in the system partition! Split your drive space in half and setup a data partition to store your database. It is very rare that you lose the data partition when the system partition has been corrupted, unless the hard drive is faulty.
Golden Rule = backup backup backup
Couldn't agree more! See below 😂
How to guarantee ZERO data loss if Windows crashes
th-cam.com/video/DCQh7thkYvI/w-d-xo.html
All your points are well taken. When I set up my windows 10 I don't remember being asked about using a Microsoft account but that was a couple years ago so I could easily forget. Either way I went local as I don't like my accounts to be tied to a corporation. Privacy is my concern. I didn't know about the other downfalls.
My wife set her own computer up and I found out she had used a Microsoft account until I was doing a favor for her and backing up all the 1000s of pictures on her phone. I had created my own account on the computer, local. I copied the pictures into a picture folder which I had to create?? A bit confused at that point so. When she logged in the pictures weren't in her picture folder. I switched logging into mine and could see the folder with the pictures.
Long story short, I created a shortcut on her desktop so she could access them. What a mess.
I wouldn't store photos on cloud either since they can be erroneously flagged (like imagine having too many skintones will be flagged as pornography or how a random pattern is mistaken to be a sign for dangerous or racist organizations) and automatic flagging never learned. Got flagged multiple times on Facebook erroneously myself. A father in the US got banned from Google after sending a medical condition picture to his doctor and there is no malicious intent ever.
Currently i store wallpapers in Google Drive but just to be safe it's all scenery, vehicles, pixel art, and abstract art. No humans or animals. It can be flagged wrongly.
That would have been the case if she had created a local account too though. As you say, privacy is your concern so, quite rightly, you can’t access the personal data of the admin of the computer that you’ve created a guest account on. You certainly can’t push your own personal data into their pictures folder without hacking.
@@PippetWhippet In this case it wasn't trying to hack my data into their personal folders. It was confusions created by the fact that she had already moved some stuff from her phone into her folders and I was trying to finish for her. Where was the stuff she had already moved? Having just one account would have made it a lot simpler. During my years of supporting users in a corporate environment finding files was probably the most often problem I encountered.
I can see having of computer storage as great for really important stuff that needs backup but it should be in a fashion that is understood. I suspect many average users who are using the microsoft accounts don't even realize their stuff isn't actually on their computers.
@ABitWhippet 👍
@harveybc when profiles are made they have their own storage space. So the "desktop, pictures, documents, downloads, music, videos" folders are separate for each user. They are located on the c drive in the Users folder. Easiest way to share between profiles is create a folder on the c drive directly or better yet create a new drive partition and put the items in there.
Worth mentioning that a local account "protected" with a password, can have the password pretty easily removed, pretty quickly by anyone that knows what they are doing in that dept., and has access to the computer. Not so easy with a Microsoft Account, like almost impossible with 2 factor enabled.
Even with 2FA, I can reset a Microsoft account password off a machine in about 3 minutes using 4WinKey. Granted it's only the cached copy and when you log back in, Microsoft will notify you there is a problem with your account, but then you can click to change the password. But at least you're back in instead of being locked out. Here's what I use, it's been a Godsend for me in my local business :
How to crack a Windows password FAST? SOLVED! [2022 update!]
th-cam.com/video/LFMjbvzO3ZQ/w-d-xo.html
@michielvanerven5638 absolutely!
As a support person with 40+ years in the game, this has been book marked.
Will keep this as a reference for my argumentative clients who wish to use a Microsoft login and/or BitLocker. That said, I've taken on clients because they've been bit by either of these choices previously.
Thank you! That means SO much! 💪👍
Before I say anything else, use whatever operating system you want--whatever you're most comfortable with.
With that said, this is why I switched over to Linux Mint. My computer feels like a computer now. Linux stays out of my way unless I need it. It can still connect to the Internet and allow me to watch videos, go on social media, and so on. I can still listen to music and play games and write documents. It's not perfect, but my hardware is my hardware. That's refreshing in this day and age.
I agree with everything except when you said you cant use a local account with Bit locker. You most definitely can.
I only sell machines with the PRO version and always setup a local accounts for the customer even if they have a Microsoft 365 account.
Also a 25 year IT Professional. Instead of fear mongering, learn to use your computer. People often fear what they don't understand. Learn about the services available to you and what they do. Then learn to use your computer responsibly. You can keep critical data on your system but take adequate precautions to protect it and don't put all of your eggs in one basket - invest in redundant back up solutions. External drives, network storage, and an offline protected backup of more critical information. If your computer was stolen, destroyed in a fire, or otherwise stopped operating, this gives you multiple ways to rebuild and not lose your data. Sorry but this advice has been preached many times by many more wise IT Professionals for at least 30 years and I remember hearing it 40 years ago before the internet was common place. Just browsing responsibly can make a major difference in keeping your computer secure.
100% this. Way too much misinformation here and extremely biased.
This is fine and all for tech people, but the average consumer doesn't care about this. They don't want to learn, they want something that just works when they hit the power button. Windows has been so dumbed down that nowadays most people have no idea how to use basic features of their computer.
@MG-zx8jn 👍
@@sigh-cosis "Windows has been so dumbed down that nowadays most people have no idea how to use basic features of their computer."
Did you ever see Mac OS?
Great review and spot on privacy advice. I keep 2 towers, one for gaming and life, the other is just storage made of the last computer build. It has 5 or 6 hard drives currently, soon to be +1. Basically whenever I build a new computer, I get a new drive just for it, and the old hard drive goes into the second tower, from there I can duplicate whatever as a backup when one of those drives fail, I think the oldest surviving drive is nearly 20 years old lol... no cloud, no nothing. If I want to copy something over to the main computer, thumb drive or email. Only issue I see coming is all new builds will be M.2, so expansion cards / multislot motherboard for the next one to prepare.
Nice! 💪
with ipv6 it’s also possible to expose part of your nas storage to the internet and use it as a personal cloud. Likely the upload bandwidth will be limited, should be fine for documents and such.
The hassle is all the security is now on yourself.
"Oh there's a video here? Thats cool. Im here to talk about me. Nothing interesting or unique."
@@goat-eyes neither you have added anything interesting.
Curious to know how many other channels have hidden you from view if these are the kind of "contributory" comments you leave. Or is it just me?
I agree 100%. Fantastic video. Excellent information. Wow. Nice job. Man, you NAILED it.
I want to add that I already knew most everything you are talking about, but you just reinforced in concrete in my mind exactly how I feel about this subject. Thank you for this video. You just said exactly what I needed to hear. I will probably watch it again. It's that good.
Wow, thank you!
Great video. You have given me more justification to not use Windows. My go-to systems are Linux, FreeBSD and RISC OS, all open source.
💪👍
Never heard of that problem with Bitlocker. Seems like a very unusual problem. Ideally the user's OS and the files should be on separate hard drives so the risk of data loss is minimal.
Neither had I. And ideally, yes.
Bitlocker is very useful and I think the benefits for regular Jane outweighs the risks. You wouldn't want your data to be unencrypted when your laptop is stolen.
But that said, Linux >> Windows and LUKS >> Bitlocker.
even separate partition would be ok??... I mean only the mounted volume could be corrupted... You can't corrupt what is not actually in use right ?
@@Tech-geeky Separate partition should be fine. An extra drive provides added protection against hard drive failure, which is admittedly rare, but with SSDs can occur abruptly. Better safe than sorry.
@@jonathandawson3091 From experience I'd say bitlocker (and honestly most encryption) is way to advanced for a regular run-o-the-mill Karen or Carl user to be using. I always advice against using bitlocker unless the customer TRULY know what they are doing and TRULY understand that if the 24-something digit lock-code is lost, then your material is lost forever.
I've been using a local account for a while now, but my kids are on ms accounts for login as it helps with family safety and management. Would love to hear your thoughts on that
Keep the kids on MS If it helps with family safety. Nothing is more important than that. Just make sure you have regular backups 👍
Absolutely good idea. You can't use those family safety settings else.
@bonerjams2k3 😂
@@bonerjams2k3 Google already knows you better than your kids do 😏
I totally agree with you! I feel my privacy and my right are invaded ever since they started these damn things! This kind of Violation of personal privacy and right needs to be stopped!!!
I totally agree !! I stay as far away as possible from any Microsoft BS. Excellent video. ! Keep up the great work. I appreciate the time and effort that you place in your videos !! 👍👍 ⭐️⭐️⭐️⭐️⭐️
Thank you! That means a lot! 💪
I actually do use ProtonMail myself :)
Couple of things we noticed about the bitlocker issue. We have seen windows machines with local accounts with bitlocker getting enabled during the oobe without letting the customer know. This is with oem installs of windows on devices with modern standby enabled during the oobe. The ones with local accounts with bitlocker enabled have lead to data loss. the only ones we have had any chance at recovery were the ones with microsoft accounts unfortunately. Due to this reason, on new laptops we wipe and reinstall windows before sending them to users.
This is the thing A lot of people do not understand. Even though you don't log in with a Microsoft account you could inadvertently be associated with a Microsoft service that could be designated as an account and a BitLocker key could be issued. At some future system update or bios update the BitLocker key could be activated and you'd be completely locked out of your computer.
@CyberMedics possibly, but I can't confirm. Either way, always best to take preventative action 👍
@@AskYourComputerGuy Should have led with fantastic & well presented video. Liked & subscribed. Thank you for the presentation.
@CyberMedics thank you! I truly appreciate that 👍❤️
@@CyberMedicsThis exact thing happened to me.
Totally agree with everything you told me. It has irritated me for years how control is taken over from your machine. The stupidity of making windows restore almost impossible to get to. The Uefi Bios is terrible. The override function to bypass the boot selection is often dramatic. I often look back to the good old days where you had more control over your machine and operating system.
Agreed!💪
Excellent tips! I would add that you can actually activate your computer by tricking the MS prompt. Type in a fake email and password, and it errors out and lets you continue activating with a local account.
The other issue with MS practices is that it can be really confusing for seniors. A lot of our senior customers would be lost having to navigate that labyrinth, so we stick with local accounts for them, local backups, and RMM to ensure device health.
Linux, OpenBSD, Unix... It was ingrained in us to always have a user, NOT a "Super User" account. In Windows you can always reboot or worse flatten and reload. On a large machine shared by many users, admins had to shut down processes and Daemons, fix them and bring them back on a running platform.
Absolutely agree. I've always moved my clients to local accounts.
Always a smart move 💪
I am a teacher and in our IT classes (we train students with basic hardware, software, office and service desk work, that kind of thing) we still always learn them to only use local accounts, from day one when they first install windows 10 or 11 on a school device. If they go to work in an organisation that requires microsoft logins, that organisation will explain it.
What? Are you serious? So you teach non-best practices to students then let the company that hires them train them correctly??? really? Logging into a system is step 1 and should be lesson 1.
@@tshackelton we are not talking about corporate it jobs that require degrees, but the low end, service desk employees, people who mostly will give advice to ordinary people with 1 laptop...
@@tshackelton You're just annoyed that their students come out better educated than you are.
ARE you a teacher??? "we still always learn them to".. .. You TEACH them to, they LEARN. No wonder the youth of today bastardise language so much
@@April--Moon I am not an english speaker
Very detailed and helpful, thank you. I was unsure for days which one to choose. Now I know. Time to go local, as always...
Excellent! Thanks 👍
Glad that Rufus has a skip Microsoft account option while making a usb flash drive
Exactly
Upcoming video 👍
Just run a cmd that will bypass that when installing the os. Numerous videos on how to do it are online. It's easier than most people think.
@@Gregory_Eugene_Frazier have to make sure you didn't connect to the internet first now.
@@BoraHorzaGobuchul That's why you write the instructions down before you do it.
You, my friend, just won a subscriber. Everything you just said is why I haven't touched Window$ (or Mac) in 10 plus years.
👍💪❤️
Wondering what you male of this? Worries me/still on 10 Pro ---- Windows 11 has strict hardware requirements and even the slightest deviation means something will not work in Win11. I have tried it with 3 different computers, and something different was out of whack on each one. Microsoft has tried their best to make it look and operate more like a Mac. Also, Win11 is an "always online" OS, meaning it's always trying to connect to Microsoft online services and it assumes that you want to be always online and sharing absolutely everything with the whole world, and getting constant feeds from everywhere. It also needs to be online because it is constantly downloading updates from Microsoft (as in: every other day), so if you're not connected, it will start downloading updates every time you start up.
You nailed it 💪🥲
@@AskYourComputerGuy Would this be for a MS Account or Local Account also? Again for 11
@ethimself5064 both...my biggest issue is the MS account on any version of Windows
@@AskYourComputerGuy 👍
Agree with your Mac comment. I'm not even a Mac user, and I've been saying this since I saw Win 11. On my corporate network, I've blocked updates beyond Win 10 with a GPO.
I downloaded Windows 11 for testing on notebook. While janky at first, it was ok but I don't prefer it over 10, especially because many clear defined options have their text replaced with icons.
Since after 2 years I still can't really get used to those icons, I stick to Windows 10 on my pc. Note: While a debloater removes pre-installed stuff, I felt it made Windows janky on occasion.
Your notebook would be happier if you trade it in for a Macbook Air.
@whothefoxcares unless you don't know a thing about Apple. Then it's your worst nightmare in it's simplicity 🤷♂️
@@whothefoxcaresWouldnt the notebook computer feel like it was just rejected and discarded? Maybe you feel the user would be happier, although not sure about the notebook computer. (I disagree that having a MacBook Air is automatically going to make someone happy. I get that you are likely a Mac Stan though so, you wouldnt understand)
I don't find ipads etc much of a replacement to netbooks etc. It isn't great for those of use that do long legal docs etc etc. I really do loathe MS though with its relentless interventions etc egtc etc @@TheMikePemberton
Exactly the info I was looking for! Thanks!
Glad it was helpful!
You forgot that local accounts handle networking and network sharing easier. Its not more insecure, its just that local accounts see each other without the extra hoops that might or might not solve the network visibility issue which just compounded when using either older devices or none-windows OSes. When MS first rolled out logging in with MS accounts, Local and MS accounts literally could not communicate on the same network, all they could do was network passthrough for internet use.
Same issue when setting up a Home Network vs Work Network.
Interesting because my two Windows 11 pcs did not want to see each other until I signed in on an old Hotmail account lol. I use no cloud services period. I knew someone else with the same issue with a few pcs, they created a single MS account and they work together now.
@nbrown5907 that's interesting, never had that problem before.
@EJAYHILL1977 Then why would two pcs running Windows 11 not see each other properly on an Xfinity router? They would not talk to each other one would pop up but could not see the other, had the simplest sharing no password options picked like in the past. Maybe one of my installs is weird then lol but I did run SFC on both.
@@nbrown5907
try to apply sharing with password then, it will complicate thing a little but a single character password is enough to make it easier.
@@nbrown5907 Easy, because the COMCAST XFINITY ROUTERS are proprietary garbage, and are known for being completely crap routers. I run my own router on a 100+device home network, using PFSense and never have these issues, and I run an unRAID system for my network storage for the whole network, all of which besides 3 XB1's and a Laptop that run Linux, every single one can see and access everything on my network. If I were to go back to an ISP controlled/supplied router, most of my stuff probably wouldn't work right.
Also without modifying things in GPE to allow for non-secure anonymous login on anything, Windows 11 since the last quarterly update has disabled that.
I was so sick of these microsoft behaviors that I switched to Kubuntu LTS 10 years ago. Despite the hurdles of learning a new platform, my "OS stress" is quite low now. No viruses, no reinstalling everything, no being locked out of your own computer. Highly recomended!
👍
I switched to Debian 20 years ago, thats the original and imho better than the bloated Ubu/Kubu, and i too used the k desktop instead of gnome.
bahahahahahahahahahahahahahahahahaha
I've been using windows since the 80's and never had a virus. And yes, you can definitely get locked out of a linux OS.
I always install a separate locally installed version of Office just to maintain the most compatibility to office documents.
Smart!!!
Agree 100%. Further protection: when you sign in to apps, do NOT use your actual information when setting up the accounts. I NEVER use my actual birthday, I never use my actual addresses, name, etc. I always try to annotate the new account and what settings were on it. Next item: There's an old expression in Word: "Save Early, Save Often". I have a 1T external drive that I download to. One thing I am doing now, is to start making sure that any Word, PPT, Excel sheet that I am done with gets turned into a PDF and just keep making sure that I make hard copies of all of it.
Absolute PITA for the most part and I still have a ways to go to get it all done, but when I'm finished, my entire career for both jobs will be hard copy in the filing cabinet and soft copy in the external drive. Once I'm satisfied there, all the sensitive stuff is removed. As long as you do it early and often, it only takes a few minutes.
That way groups like Micro$ft, as well as other malicious groups, are minimized.
This!
When you are using an external drive, make sure you have several redundancy drives, not just 1 spare. Believe me, i had 3 external Seagate Barracuda drives that crashed without warning. Full hardware mechanical failure. Impossible to retrieve the data without sending the drives to a clean room harddrive data retrieval specialists who could possibly snoop on your files while they are recovering them. I now use 3 Western Digital external drives that are replicas of my laptop harddrive.
@origenjerome8031 nice!
@@origenjerome8031 This is one of the reasons I suggested hard copies of everything. Yes, I know, really, really cumbersome and space intensive, but a hammer to the side of the filing cabinet won't destroy the contents.