This is why i use the key backup to OneDrive option.
My threat model is a lost or stolen device or RMA/repair.
If someone wants my data so badly that they’ll be able get into my OneDrive account that is protected with a passkey or a 32 char password + MFA and also have physical access to my devices let them have it.
Anyone who is that determined and capable can always resort to rubber hose cryptography and I want none of that in my life.
My threat model is a lost or stolen device or RMA/repair.
If someone wants my data so badly that they’ll be able get into my OneDrive account that is protected with a passkey or a 32 char password + MFA and also have physical access to my devices let them have it.
Anyone who is that determined and capable can always resort to rubber hose cryptography and I want none of that in my life.