I suspect you’re the only one ‘pointing it out’ [about the screensaver] because you’re behind with the times. It’s simply not accurate to suggest that Windows isn’t encrypted – it is. This has been the default configuration since Windows 8.1 – full disk encryption.
Let me reiterate what I said earlier: if you have a lockable screensaver somebody cannot gain access to your files. No can do.
- If they restart the computer they need your password to login to your user account..
- If they remove the hard disk and put it into another system the data is useless (it’s encrypted).
- If they try and boot up into a live CD environment the data cannot be read (it’s encrypted).
Somebody with physical access cannot get at your data. (Forget about EFS; that’s old-hat and isn’t how Windows Device Encryption works. EFS is file-level, certificate based encryption which doesn’t encrypt the whole disk.)
The article you quoted is incomplete. It talks about BitLocker which as I said earlier is only available for Pro, Education or Enterprise users. Everybody else gets Device Encryption; you get fewer options but the net result is the same: full disk encryption. Here’s a more accurate article. All modern systems support Device Encryption since that article was written in 2013.
Here’s my original post:
“Windows includes device encryption, turned on by default, for all Home users. Business users get BitLocker. Both products prevent somebody with physical access circumventing the screensaver. Long gone are the days when you could boot into another OS with a CD/DVD/USB and access the home directory. Nor you can you remove the password from the user account from a system with device encryption.”
Apart from there being some undisclosed ‘practical reason’ for not locking your screen (in which case you’ve rendered AxCrypt and any other encryption product useless) the argument that locking your screen doesn’t protect you is fallacious for the reasons I’ve given above. It’s the best line of defence.