Upcoming Windows 11 builds cannot install without internet and Microsoft Account
287 comments
·March 29, 2025samiv
signal11
This misses how Microsoft makes money from Windows. Taking a cut of apps isn’t that useful because most people don’t install many apps. Of course it’s still welcome revenue, especially for games, but Steam has too much goodwill there, and Epic won’t still idly by (and Adobe etc in other domains).
Instead Microsoft is trying to upsell cloud storage, backup and ad-free email (along with Office apps) with Microsoft 365. And on the biz side they’re getting into the biz of offering managed patched online Windows VDIs, kind of like Citrix.
Also Microsoft Store-only Windows is a deal killer for Windows in businesses. A lot of specialised LOB (line of business) apps run on Windows and the Store is a non-starter for those. And in home contexts there’s a bunch of legacy apps that people keep Windows for, dropping support for them will mean switching to ChromeOS or macOS just got easier.
So yeah — I fully agree they’ll absolutely shove you in into the Azure or M365 sales funnel, and individual users no longer feel like a priority. But non-store apps aren’t quite dead yet.
free_bip
The app-store-only restriction would likely be for home edition. If you want custom apps, you'll need pro or business licenses.
agilob
That's the main reason why Valve is investing in Linux and Steam Deck.
eru
Apropos, running Steam on my Archlinux Desktop with Windows compatibility turned on works really, really well. Much better than what I remembered from the bad old days of trying to get stuff running in Wine.
consp
Wine and it's alternatives have greatly profited from valve going this route and as a result all software runs better. It's a gradual improvement over time and we are past the early stages. I'm still running a gaming PC on windows but that is going to end quite soon if Microsoft keeps doing these things.
nobodyandproud
Linux Mint with Lutris and Wine.
I completely removed Windows from all of my personal notebooks and workstations.
tmikaeld
I second that, everything "just works" as you'd expect it to.
If StreamOS can get widespread and they start to introduce desktop apps to the store, I think they can take some market share.
throwaway48476
Valve started with win8, almost 15 years ago now.
danielktdoranie
The Steam Deck has done well, and releasing SteamOS for free so people can install it on their own PCs is great, but I think they should make a “Steam PC” they could sell. The majority of gamers aren’t technical and buy pre-built PCs. A Steam PC with Steam OS pre-installed would make it easy for these people to game on Linux and pump up the Linux gaming share of the gaming market.
woleium
the steam pc is the newly announced xbox, no?
donnachangstein
> I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store
2017 called. It wants Windows S Mode back.
Needless to say it still isn't very popular. But this has been around for <checks notes> 8 years now
samiv
Yep, the technology is already there.
Just a question of time before they flip the switch for good and force it down everyone's throat and call it "enhanced security and user experience".
throwaway48476
Windows S failed hard so they have a new strategy. Every new CPU ships with M$'s Pluton root of trust. For 'security' everything will have to be signed. They consider the user to be the threat actor. Eventually they will charge a percsnt fee for using their signing service.
ranger_danger
There are so many legacy apps being used in the corporate world, I don't see this realistically ever happening.
swat535
Where is the EU when you need it?
It’s only a matter of time before Microsoft forces everyone with local accounts to switch to a Microsoft Account just to access their own machines. I wouldn’t be surprised if, in the future, local accounts are completely disabled, except maybe on specialized enterprise versions of the OS.
I'm exhausted by the anti-consumer behavior of American companies, constantly restricting user choice and access, undermining privacy, and hiking up prices, all in the name of "profit".
samiv
Profit?
You mean "enhanced security and user experience"? /s
KeplerBoy
I actually would consider S Mode if it supported steam and it's games. For serious computing I boot into Linux anyways.
ndsipa_pomu
For serious gaming, I use my Linux powered Steam Deck
pxoe
It's been near a decade of them trying and failing (or over a decade, if one'd look at windows 8 and its apps as part of some plan), that at some point this 'what if they lock everything down!!' thing just sounds like a FUD, which is kinda ironic. And the 'they're locking down installs!!' thing too, every time they make a change it gets to the front page here, and yet it still remains circumventable (just use Rufus). Years have gone by and the actual "locking down" of it still hasn't arrived.
facile3232
> They are envious of the Google and Apple walled gardens/cashcows and are now determined to turn Windows into one.
Which is perplexing, because this is essentially the opposite strategy than what gave windows value to begin with.
tonyedgecombe
It would be amusing for Microsoft to end up in a situation where developers don’t want to target Windows anymore, just like Apple in the 90’s.
Perhaps they think it doesn’t matter once everything is in the cloud.
debugnik
We're most of the way there with the switch to web apps and their native wrappers, even Microsoft isn't using their own UI toolkits anymore.
The only segments left targeting Windows as a platform are games, replacements/extensions to the OS tools, and a bunch of legacy .NET LOB apps. And since the Steam Deck and clones, Wine/Proton are (very) slowly becoming the actual target for games rather than Windows.
extraduder_ire
I think that long before that developers will still be targeting the windows APIs, even if they're not intending their software for windows.
heresie-dabord
> Which is perplexing, because this is essentially the opposite strategy than what gave windows value to begin with.
Consider how much has changed since the first 25 years of MSFT. Both in business and in life in general.
throwaway48476
They tried with windows S. No one bought it and if they did by mistake they returned it.
>Windows is no longer a product for users, the users of Windows are the product for Microsoft to be shoved into the Azure sales funnel.
So true. I won't be running win11 outside of a VM and anything but win11 IoT. You know where to find it...
0xmarcin
I highly doubt it, Windows is known for its stellar backward compatibility. Code signing means a lot of older software, that is still in use, would not be able to install or run. This is not going to happen (at least in the enterprise).
samiv
I have mad respect for Microsoft engineers for the compatibility work that they've done over the past decades. It is indeed superb that you can take even today an old Win32 executable and run it and it'll just work.
But I expect the new leadership will not put much value on this. I imagine it'd play out that first to "to enhance the security and improve the UX" they'll start a shoving a bunch of nagging dialogs in the users face "this app is not safe" etc.
Then they'll add a flag to enable "unsafe mode" where the user can run unverified / unsigned code.
Then finally they'll just nuke the flag.
After all requiring that the ecosystem with the most "important" apps such as their own office suite, slack, adobe etc. grind out new versions with digital signing is not out of alignment with these companies incentives and development cycles either.
In fact I would not find it surprising if these companies would actually be approached by Microsoft to participate in any such scheme and get offered some kind of "discount" or reward (whether it's app store discount or whatever else) and these companies would only see it strengthening their own moats against any possible competition.
And I'm talking about the consumer use case, not the corporate.
anthk
You don't know how many ad-hoc legacy apps based on Java/C# are out there. Zillions. If you want to give GNU/Linux a huge chunk of share (Java and C# code from early 00's/2010 will run everywhere), MS would face a huge disaster and billions of loses.
throwaway48476
Users value backwards compatability. Users aren't the customers anymore and don't drive KPIs.
hulitu
> Windows is known for its stellar backward compatibility.
was
fph
They can just sandbox old applications, like they did with DOS ones.
bitwize
This is likely why the TPM2 requirement is a thing for Windows 11: Microsoft wants to migrate all Windows users onto a hardware base with nigh-uncrackable security/DRM protection, such that everything from power on to application is signed, approved code. For "security".
And people will buy it. Because "general purpose computing" is a niche feature for nerds. (Astronaut 2: Always has been.) And it presents enough problems and extra work that most consumers woyld gladly give it up. Most consumers just want something thet can do Facebook/Excel/Spotify/Netflix/games with.
octacat
Would not fly. Developers would not go into the store. Because everyone knows, that 30% tax would be next (basically it is the current situation on the Mac, apple could pull the switch on gatekeeper any time). And, because a lot of modern apps are just electron wrappers, people would just move to the web versions for everything. Which means killing their own platform.
soraminazuki
It's such an absurd lie. If Microsoft's idea of security is to force its users to authenticate online for a local account, they should never be allowed in the software industry at all. They're needlessly and dramatically increasing the attack surface of one of the most security critical software running on user devices.
userbinator
It's an argument for increased security in the same way that they consider uploading the contents of your hard drive to their servers to scan for "malware" (and other undesirable-to-them content) is. Corporate authoritarianism.
miohtama
The trick is that most of the users need this service. Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
The same companies sell anti virus for Android today.
Also most users is not all.
badsectoracula
But this made Windows Defender an actually good and useful feature for the users.
Requiring an online account to use Windows isn't really the same thing.
hulitu
> Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
And now you get the same from Microsoft. Clearly an inprovement.
soraminazuki
I guess Microsoft has to secure their "own" property, the devices the hostile so-called users bought and paid for!
charcircuit
Microsoft's idea of security is moving people away from local accounts protected by passwords and to Microsoft accounts protected Windows Hello.
The Windows Hello PIN is protected by the TPM. This means you can't brute force it like a password could be.
soraminazuki
That has nothing whatsoever to do with the topic, which is forcing online authentication. You can't possibly argue that needlessly forcing online authentication makes user safe.
charcircuit
The topic isn't about forcing online authentication. It's about improving security from having users use a Microsoft account. The security improvement of using a Microsoft account comes from Windows Hello.
GoblinSlayer
To brute force a password, attacker needs full access to the system, guessing the password won't give them more access.
charcircuit
No, they don't. They can clone your hard disk and use a different computer. A TPM based pin makes that approach impossible and you must have access to the system itself.
grishka
It's the entire industry's idea of security for the last 10 years or so that the company who made the thing is unquestionably more trustworthy than the users themselves.
CrossVR
And for what? Make number go up? If it's just another data collection scheme the at least I could understand why.
bboygravity
Because the NSA pays them to.
Why did they do to Skype what they did (first turn it from p2p to centralized and spyable and then just ignore it and let it die)?
Same reason.
sterlind
(Opinions are my own, I have no inside knowledge.)
I vaguely remember hearing that P2P Skype was the bane of sysadmins' existence. Skype would elect clients on high-bandwidth networks as supernodes. This tended to be business customers - the very organizations MS wanted to attract. Skype's prodigious hole-punching ability made it difficult to throttle, so it got banned from a lot of enterprises. MS essentially hosted the supernodes on Azure, which centralized it.
As for encryption, on the other hand, Wikipedia says MS specifically added the ability to eavesdrop for law enforcement agencies, though apparently Skype had already added a backdoor for the NSA before MS bought them: https://news.softpedia.com/news/Skype-Provided-Backdoor-Acce...
ashoeafoot
i wonder if some Estonian could justvrerelease the p2p originals . After all as america deteriorates its own influence , at some point the lawyers of the big 4 will be seen as barely disguised tendril of a hostile power in Europe . Who cares about your sales contracts if the president goes for Greenland . We might see a SkyEarthFireWater-Open source re-release one day. Just another tradewar anecdote .
anothernewdude
If windows is security critical for you, I think you've already shat the bed.
soraminazuki
The problem is that many other people and organizations run Windows and it's absolutely security critical for them. And because we don't live in a vacuum, it's security critical for all of us.
consp
Some windows versions have cc certification. Doesn't say much but it ticks the box some people want and call it a day.
brokegrammer
A while ago, I needed to get into safe mode to rescue a laptop that wouldn't boot.
Since it uses Windows 11, I originally logged in using my Microsoft Account and a Windows Hello pin.
Safe mode doesn't load wifi drivers and the laptop didn't have an ethernet port, so I couldn't log in to my Microsoft Account to get into Windows safe mode. Didn't have a dongle with ethernet port at that time, so I had to backup the drive and reinstall Windows instead.
That's why I use Linux these days.
Szpadel
wait, you need internet connection to even login? this means root cannot use computer when you do not have internet connection for any reason?
vishnugupta
I’m not in Windows ecosystem for more than 25 years now. But I had to buy couple of windows laptops for sales team at my business. I tried very hard but windows wouldn’t allow me to set it up without first creating Microsoft Account online. I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
I’m seriously considering going back to Linux for my next work setup.
yonatan8070
There was a trick to bypass the online account requirement. You press Shift+F10, which launches a command prompt, then use `oobe\bypassnro`. This reboots the system and adds a button to set up offline.
asa977
We’ve been running our company (6ish people) solely on Fedora and it’s been a breeze, but then we’re a bunch of nerds, so not necessarily a surprise. The real test how much the Linux desktop has matured happened when I set up a fedora laptop for my parents to get around hp desperately coaxing them into some kind of subscription and an endless stream of ads/complaints from Microsoft to buy into a cloud service. After setting up the laptop and explaining the very basics of Plasma, I’ve had to deal with it again. Because with printers, it just works (tm)
Aaron2222
> I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
Define "limited capacity". Other than Apple Services like iCloud, FaceTime, iMessage, Apple Music/TV, etc, it should just be the App Store that's unavailable without an Apple ID (which _is_ crippling on iOS, but not so much on macOS).
daveoc64
>wait, you need internet connection to even login?
No, you can log in without being connected to the internet (that obviously happens a lot on a daily basis, where people are using a laptop with no connectivity until after they sign in).
benhurmarcel
That’s not the case. I have a Windows 11 computer around, set up with a Microsoft account and Windows Hello, and I can log in just fine without internet connection.
brokegrammer
> you need internet connection to even login
That's right. It sounds like a bug but this is Microsoft we're talking about here. They're probably brainstorming for ways to lock you from your own computer.
You can solve this problem by creating an offline account with Admin privileges after setting up Windows with your online account, but most users won't do that.
lolsowrong
This doesn’t seem true. Doesn’t LSASS cache credentials for 30 days?
GoblinSlayer
Reinstalled windows recently, now it has the window resize bug, which apparently has something to do with display sleep mode. Reportedly linux struggles with sleep modes too, but to think I should try linux for better hardware support, duh. And new windows is very fiddly, constantly tries to install new metro apps, adds them to lock screen, installs new services, runs a shit ton of services that constantly write a lot of data on the disk. Enshittification is in full overdrive now.
consp
Linux struggles with sleep mode sometimes due to Microsoft and Intel pushing S3 into S2idle and motherboard/bios manufacturers doing the absolute minimum to support either.
danieldk
I had the same impression, but support for new sleep modes seems to improve quickly. A few years ago I had a Gen 1 ThinkPad T14 AMD, which still had S3 sleep. A significant portion of the resumes it would come up with some devices not working (e.g. trackpad, fingerprint reader, etc.). I recently got the 5th Gen T14 AMD and the only issue I have is that the fingerprint auth takes a few seconds to come up, but other than that I haven't had any resume issues yet.
mythz
All these user hostile behavior finally tipped me over the edge last year after I started to get Windows 10 EOL popups. No way I was going to "upgrade" to a ad/spyware/subscription ridden MS marketing platform and be constantly nagged at to try out more of their services.
Moved to a Fedora Desktop, liberating to move back to an conflict-free OS whose primary focus is to serve its users, imagine that.
jwrallie
I've been running the Xfce spin of Fedora for the last year, and it is the most stable OS I have since forever.
For the few programs that really need Windows, I use Qemu/KVM with Virt-Manager and Samba for sharing files.
I wish to keep using this setup, I just hope buying hardware with good Linux support in the future does not become too difficult. I fear moving away from x86 will make things harder.
throwaway48476
Judging by the price of Qualcomm laptops x86 isn't going away any time soon.
atemerev
Windows is a launcher for games, there is no other use for this system (correction: it still runs some specialized professional software that is too expensive to port). And now, even most of the games work on Linux too.
Ylpertnodi
I have lots of windows (mainly music) software that I need, let alone outright purchased, and isn't available on Linux.
herbst
I got into music production again recently. To my surprise most recommended new software is either Linux native or properly ported. See reaper for example.
Many years ago music on Linux was hard, and years behind. Software was limited and the audio driver situation was a mess. But now you get professional software directly in the package manager and choose between several very reliable sound systems and even use the far majority of VST Plugins.
atemerev
It is usually available on Macs. Of course, there is still some specialized software for Windows, e.g. many CADs. But all these things are now marginal. If you are a software engineer and use Windows for your work, you are now a minority.
rekoil
I was looking to move to Linux for my gaming PC, just about pulled the plug when Respawn decided that all cheaters in Apex Legends were supposedly using Linux and decided to block Linux users from playing...
EasyMark
I've been using Xubuntu for years now,and run Windows 10 in a VM for the few things I need on there that I dont' have a linux replacement for (or cared to hack together). I'm about 99% linux and macos now, and don't miss windows at all.
JoshTriplett
According to the linked discussion, the underlying setting that the script set still exists, so this simply makes it less convenient.
It should absolutely be taken as a warning sign, though. Seriously, if at this point you're installing Windows and relying on the existence of that setting, you should be seeking alternatives.
technion
I've been saying the writing was on the wall for a long time. Any time someone says how easy it is to simply avoid MS account registration I've argued that it's not going to last much longer.
Even Microsoft's current Storage Spaces Direct won't let you start a locally hosted Hyper-V VM without an Azure connection.
HeatrayEnjoyer
What if there's an outage or somewhere you don't have reliable internet?
mhuffman
>Fuck people that live in very rural areas!
-Microsoft, apparently
Teever
Then this isn't the operating system for you.
throwaway48476
Recently Sony PSN was down for days because of a DDoS. Centralizing failure points is always a bad idea.
technion
If you're running Microsoft Storage Spaces Direct/AzHCI and there's no internet for an extended period you can't start on premise servers.
notepad0x90
There are a lot of "workstation" type enterprise deployments where by policy, internet access is forbidden. Microsoft knows this, at least for professional and enterprise editions of Windows, I find it hard to believe an internet connection would be required, like ever.
I would also say the same about require either a live.com or M365/EntraId account for local login on AD joined systems' installations. Unless of course they require you to setup a base-image with an internet connection and then convert accounts to local-only post-install, which sounds like a typical Microsoft approach.
yonatan8070
Accorsing to the first comment under the OP the script just runs:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f
Either way, I've been happily on Fedora for a while now, with very minimal "fuck I can't do that here"
briHass
Managing Windows devices at work using the online-first paradigm makes it clear what MS is trying to achieve here, but it's poorly communicated, as usual. In the M365/Entra world, the big benefit is having cloud Active Directory (Entra/AzureAD) and automated deployment (Intune/Autopilot) all integrated. For home users, you get bits and pieces of this, but it feels unnecessarily limited.
What MS wants (from a charitable interpretation), is the ability to encourage/enforce full disk encryption (Bitlocker), TPM-based MFA and TPM-backed passkeys (Windows Hello), as well as tight integration with their product suite (Office/OneDrive) and browser (Edge). Syncing settings, apps and other things between devices (or on setup) is also a win, though it's pretty basic right now.
Though silly to a technical crowd like HN, FDE for regular users requires a way to not lose all their data if they forget their password or some other issue happens with secure boot or the device. Non-technical users aren't going to understand the importance of backing up their Bitlocker recovery key, and without it, they're hosed. During online setup, MS stores this key online to the MS account, so it is recoverable.
MS isn't going to limit the integration and security they can provide by adhering to a local-only OS concept. It's not what most users actually want, and their competition (Apple, Android) does the same thing, so users are used to it. I just wish they had a light (inexpensive) version of the Entra/Intune package for home users that want to be able to manage multiple devices and get the real advantages of the online link.
defrost
Earlier on HN: Windows 11 is closing a loophole that let you skip making a Microsoft account (theverge.com)
139 points | 5 hours ago | 125 comments https://news.ycombinator.com/item?id=43511073
bsdetector
In October when Windows 10 support ends it'll finally be the year of desktop linux.
nullify88
Well, those that are on the Windows 10 IoT LTSC builds will enjoy updates until 2032.
https://learn.microsoft.com/en-us/lifecycle/products/windows...
zakki
Do you know where to buy it?
mkl
It's hard to find information about it, but this post has quite a bit (some may be out of date): https://www.reddit.com/r/sysadmin/comments/bbof9s/windows_10...
nullify88
As far as I know you need to sail across the high seas.
ugjka
mas
grishka
I'd like to remind you that there are still millions of people around the world using Windows 7 daily. The fact that some software is no longer supported by its developer doesn't mean it stops working somehow, or becomes radioactive.
MYEUHD
It becomes easier to exploit, as it no longer gets security updates; and vulnerabilities are publicly disclosed.
grishka
You can't really exploit something when its attack surface is nearly nonexistent, which is the case for most people who use an outdated OS on their personal device, for example.
hilbert42
"I'd like to remind you that there are still millions of people around the world using Windows 7 daily"
Correct, and I am one of them!
null
acuntcalleddan
[flagged]
squarefoot
When you're forced online, you become less resistant to products and services being fed from the cloud, then computers can be produced cheaply with less storage and resources, and almost everyone will end up running dumb terminals. It doesn't happen overnight, but more and more people would rather buy a 150 bucks PC plus pay per use services rather than a 250 one that can host and run installed software, then the market would do the rest by making real computers more expensive as they transition to niche products. I'd rather start familiarizing with open and less intrusive operating systems.
ungreased0675
Windows 11 is the reason I’ve returned to Linux after a decade away. Microsoft doesn’t seem to be concerned about killing the golden goose. I wonder if they have data on just how much hostility users are willing to put up with?
atemerev
The golden goose is now Azure. Windows is (or will be soon) a free complementary OS to make more people use Azure services.
sagolikasoppor
The only issue with that is when you switch to Linux, alternatives to Azure is much more compelling. I would never use Azure services unless I'm on Windows.
ungreased0675
Could you explain this a bit more? I happen to like Azure, probably because I understand it a lot better than the other cloud platforms. What’s the connection to Linux OS?
atemerev
Well, I do. I still like Outlook, and it works good enough as a web app. Same for OneNote. Azure as the development platform is crazy, of course. But I also have a friend who I respect much, and who is probably a better engineer than me, who likes Azure and completely unproductive with AWS, so _maybe_ that's a matter of taste. Just like tabs and spaces. I prefer spaces, but whatever.
I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store.
They are envious of the Google and Apple walled gardens/cashcows and are now determined to turn Windows into one.
Windows is no longer a product for users, the users of Windows are the product for Microsoft to be shoved into the Azure sales funnel.