Windows 11 Home - First Real One

[Sky-Knight]

So I have a client that snagged a SurfacePro 8, and along with that means Windows 11 Home.

I can confirm you cannot complete initial setup without a Microsoft account. I can however also confirm that you can create a 2nd user on the device that is NOT an MS account user, purely local.

Only real curveball is the need for a USB C to A adapter so I can use my thumb drives. That and my tools improperly ID the thing as Windows 10 still. But that'll get fixed in time.

 

[britechguy]

That and my tools improperly ID the thing as Windows 10 still. But that'll get fixed in time.

If, and only if, Microsoft stops improperly IDing Windows 11 in the core code. It still is designated as an iteration of Windows 10.

And since I like to avoid local Windows accounts to the maximum extent possible, the requirement for a Microsoft Account is, to me, a very good thing.

 

[YeOldeStonecat]

You actually can, week or so ago my wife saw some tropical themed danged HP laptop on QVC and got it, I unbuckled it...ran into similar thing with Win10 Home...you just need to kill the internet connection at the right time and you'll get a local account...I did it. Bring up services.msc and kill the....network something or another service...(You can Google it).....BOOM, chance for local account.

Hopefully she sends that HP back though, I don't want to support it..yuck.

 

[britechguy]

you just need to kill the internet connection at the right time and you'll get a local account...

Do you still have the option to just not establish a WiFi connection, period, during setup? That was a trick I saw used in the past, just skipping the connecting to the internet entirely until after the machine had booted into Windows for the first time.

 

[Sky-Knight]

No you do not, This surface wouldn't progress through setup until an Internet connection was established.

The old hack of just keep it offline did NOT work. Tried it.

 

[Porthos]

Supposedly the following works.
If installing a Windows 11 Home edition and you currently do not have an Internet connection available, press the Shift + F10 keys to open a command prompt. Copy and paste the taskkill /F /IM oobenetworkconnectionflow.exe command into the command prompt, and press Enter. Close the command prompt, and continue at step 21D to set up a local account.

 

[YeOldeStonecat]

Do you still have the option to just not establish a WiFi connection, period, during setup?

Can be disabled...yes....but there's a second process that starts that you must shut down. Task Manager....kill "Connection Flow" is what worked for me. Pretty easy actually, and I didn't dream it or imagine it.


I also have read (and will test and confirm)....you can kill a special wifi connection wizard via command prompt....some longer "oobe..connection..blah blah".
And also you can enter an intentionally fake MS account and it will error out and let you do a local account. (you of course have to pick a MS account that does not exist).

 

[timeshifter]

Here's How To Install Windows 11 Without An Internet Connection

Microsoft may eventually shut down this method as well, but at least you're still not currently forced into using an internet-connected device for the setup of Windows 11.

hothardware.com

 

[Porthos]

Here's How To Install Windows 11 Without An Internet Connection

Microsoft may eventually shut down this method as well, but at least you're still not currently forced into using an internet-connected device for the setup of Windows 11.

hothardware.com

That is basically what I posted.

 

[Diggs]

And also you can enter an intentionally fake MS account and it will error out and let you do a local account. (you of course have to pick a MS account that does not exist).

This seems quickest and easiest. I don't mind command line but easier to remember the Taskmanager routine when in the field. I thought I used to be able to three-finger salute (Ctl-Alt-Del) my way into a reboot at the mandatory MS account create/login screen but I see that doesn't work any more.

I dislike the online accounts but I think it's just bias. I have a tough time making a strong case against them. I need to remember Google has been doing that with my phones for years.

 

[britechguy]

I have a tough time making a strong case against them.

And given what gets repeatedly discussed on this very site about end users and license keys, etc., I can't make any case against the Microsoft account. For their stuff the fact that all the licenses for a given individual are "tied up with a neat little bow" takes away a ton of work I don't like doing and that, at times, ends in failure.

They're a fact of life, and I can't see a single benefit to a local account (and for whoever might, don't even try a privacy angle; the difference isn't even a drop in the proverbial ocean).

 

[nlinecomputers]

How about BitLocker? Microsoft forced use of the account also forces use of BitLocker Device Encryption. If people kept up with this otherwise useless Microsoft Account and if people made proper backups then BitLocker would not be a big deal. As it is a we are about to see a huge surge in people locking the keys in the proverbial car with the only solution being vaporize the car.

Unlike a Google account where you probably, but not always, have gmail and apps purchases tied to your phone it is much less likely that you have such ties to a PC.

As the recent BitLocker topic shows many people create the account and never use it. That’s just a recipe for disaster.

 

[britechguy]

But, as the recent topic also showed, you can turn BitLocker off.

You are the one who insisted, and accurately I might add, that device encryption and BitLocker are one and the same as far as the underlying technology used. The difference is in what you have direct access to changing. And as far as I know, there's no choice about device encryption, regardless of account type.

I despise with a burning passion the approach of encrypting abso-friggin-lutely everything! It has results in precisely the "vaporize the car" situation you describe, and that could be so easily avoided if it were not on by default, and people needed to make conscious choices about what warrants that sort of protection.

I'm also sick to death of the very idea that going overboard with automatic protection of any sort I can think of is gaining us anything.

I just hope that taking system image backups keeps becoming more common, even though it almost certainly will never be "common enough."

 

[nlinecomputers]

But, as the recent topic also showed, you can turn BitLocker off.

But only after the fact and most people, even techs, are unaware of this until it bites you in the butt.

 

[britechguy]

@nlinecomputers,

Agreed. And if I had my way BitLocker would be OFF by default. Or, at the very least, you would be asked whether you wanted it on and given the option to decline during system setup.

 

[nlinecomputers]

What happens when you forget your password on Windows 11.

 

[britechguy]

What happens when you forget your password on Windows 11

Which might, finally, get a significant number of users to treat same like they treat their wallets and keys. While these can, and do, get lost or stolen most of us never experience either because due diligence is applied, consistently, for those.

 

[Sky-Knight]

Which might, finally, get a significant number of users to treat same like they treat their wallets and keys. While these can, and do, get lost or stolen most of us never experience either because due diligence is applied, consistently, for those.

Microsoft account on the desktop means use of Windows Hello, use of Windows Hello means use of Microsoft Account associated MFA on the machine in question.

TLDR, you can login to your desktop via your cell phone, assuming the authenticator is working anyway. No need for passwords at all.

BUT that still leaves the non-trivial mess of WTF to do when the mobile device is lost / stolen / flushed / crushed / or in the hands of the wrong person. Managing all of this for businesses is easy, just part of the services I sell, but individuals shouldn't be have to pay for people like us to keep this junk straight.

Nevermind the other thread, and the fact that in it we have an MS account recovered after peeking into a registry hive... if said hive is readable, the drive isn't encrypted! So I'm left to assume that "Device Encryption" doesn't actually encrypt the entire disk, only certain bits of it. So I'm left questioning its value.

 

[nlinecomputers]

He peeked into the backup not the drive.

 

[britechguy]

TLDR, you can login to your desktop via your cell phone,

Which I can't. Password or PIN. Period, end of sentence.