Because then you can’t change your password. Since you would have to decrypt all the hard drives that use windows with that account, and then encrypt them again with the new one.
This also means that if you forget your password you are fucked.
Typically an actual key is effectively just a very long pseaudorandom binary blob and the passphrase is just used to unlock the actual key. This means you can add a new key just by encrypting the actual key with the new passphrase
Typically that is also the way you can use multiple accounts to unlock the same hard drive encryption. You just encrypt the actual key with each of the account passwords.
Is there a legit reason for this? Why can’t they just encrypt the data with the password used to access the online account?
Because then you can’t change your password. Since you would have to decrypt all the hard drives that use windows with that account, and then encrypt them again with the new one.
This also means that if you forget your password you are fucked.
Typically an actual key is effectively just a very long pseaudorandom binary blob and the passphrase is just used to unlock the actual key. This means you can add a new key just by encrypting the actual key with the new passphrase
Typically that is also the way you can use multiple accounts to unlock the same hard drive encryption. You just encrypt the actual key with each of the account passwords.