so if i did the manage-bde, and set it for PIN-and-TPM, it would generate an error?
I have bitlocker enabled.
BUT, being that this is a laptop, and i might carry it out of the house (and even if IN tghe house), i want as much security on the machine as possible.
NOW, i have been reading for windows 11 home, how the username/pin/password login security has been beefed up against brute force attacks, etc, by having 2-second delays between atempts, and also after so many failed attempts it forces a restart.
BUT, any documentation on this is sparse. to me, bitlocker even with TPM is useless if the machine has booted up to the login screen, for username/pin/password, because then bitlocker is unlocked and data is accessible.
BUT, per the few reveiw's i found, somebody can't BOOT from a usb stick, or other device, to have bitlocker unlock, so that is SOME protection.
I am just looking to see how well the combination of disk-encryption-plus w11-home-plus-TPM actually protects a wayward laptop, or even a desktop.
and thanks for reply and any other info that you may have ! :-)