Windows 11 Requires a Microsoft Account

Microsoft would really like you to sign in to new Windows PCs using a Microsoft Account, and not a local account set up on the computer. This has some advantages, but several important drawbacks that may even circumvent a company's security.

Microsoft first started prompting for this in Windows 10, but there were ways around it. However, a Microsoft Account is required for Windows 11 Home, and this fall one will be required for Windows 11 Pro as well.

Benefits

• Links the PC to the Microsoft Account (Windows license, backs up BitLocker keys, etc.)
• Windows uses this account to link features between devices
  • syncs contents of Desktop, Documents, etc. via OneDrive
  • Edge browser settings and saved passwords
  • Windows Store app purchases
  • personalized settings such as background and Start menu

Drawbacks

• If the employee leaves, the PC is still linked to their personal account
• The employee's personal account becomes an administrator on the PC
• Company account passwords may be synced to home PCs
• Company documents may be synced to home PCs
• Personal documents may be synced to work PCs
• Sign-in may fail if the Internet is inaccessible (outage, or incorrect network settings are entered)

What Can I Do?

Originally there were workarounds such as not connecting the network cable (or, not connecting to wireless when prompted) when first setting up a new device. This way, Windows would try and fail, and fall back to creating a local account that is only on the computer. Industry watchers expect Microsoft to remove this ability this fall.

ITS recommends each firm create a company Microsoft Account used for the initial sign-in on new devices. Afterwards, one can create a new local-only account for the employee to use. This is easy to do through ITS TeamCare.

Another approach is to have the employee create a new Microsoft Account using their work email address, though that still leaves them as an administrator on the computer...something ITS generally recommends against for improved security. And, this won't work if the company uses Microsoft 365 for email...Microsoft now blocks that because they would prefer businesses sign up for their more advanced business licensing that can help streamline PC setup...but of course costs more.

 

September 2022

Send this article to a friend!
Subscribe to The ITS Connection

Related articles

• Windows 11 - What Your Business Needs to Know
• Plan Now To Replace All Your Old PCs by 2025
• Return to article list