Hi,
I tested this scenario too but without MBAM because I don't have one.
- create user 1 and user 2
- logon with user1 and turn BitLocker on, save the recovery key file
- logon with user2, decrypt the volume, turn BitLocker off then turn it on again to encrypt it, save the recovery key file
- compare two recovery key files
Conclusion: Each encryption will generate a new recovery key. Recovery IDs are also different.
So I think it's normal that user 1 and user2 both have recovery ID in their self service portal.
But during my test, I found that when I logon with user2, I can see file and file folder of user1 when I choose to save a file. The files and folders were created on user1's desktop. I cannot see them on user2's desktop so I cannot try whether I can open them but they did appear when choosing where to put newly-created files.
So if two users use same computer, they may both have access to some data in the PC. This might be a risk.
----------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.