alt Hacker News>so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"
Alternately, they don't want people to rely on abandonware for security.
Also, despite the conspiracy theories of backdoors I'm not aware of any bitlocker exploits that work on TPM + pin, which is the intended "secure" configuration[1]. All exploits rely on TPM-only (ie. ez-mode), which is basically the security equivalent of running https/ssh without certificates and blindly accepting whatever keys shows up.
[1] https://learn.microsoft.com/en-us/windows/security/operating...
Why do you need a separate PIN anyway? Shouldn't your Windows password be enough? Having to enter two different codes makes it unlikely a majority would use the system. I would be surprised if iOS or Android required a separate PIN for encryption.