On Windows 11, Microsoft is making it more difficult to bypass the internet and Microsoft account requirements during setup, effectively preventing users from creating a local account. In my opinion, this is a mistake.
This change is rolling out with Windows 11 build 26120.3653 and build 26200.5516, where Microsoft has removed the “BypassNRO.cmd” script, a workaround that previously allowed users to skip these requirements.
According to Microsoft, the decision aims to enhance security and improve the user experience. However, as expected, users quickly began to show their frustrations over the change.
Before diving into the reasons behind this pushback, let’s start by saying that it’s not a secret that Microsoft strongly prefers users to set up their PCs with a Microsoft account. This approach not only integrates seamlessly with the company’s online services and apps but also translates into significant money opportunities.
A Microsoft account enables key features like file and setting synchronization across devices, parental controls, and device tracking if lost or stolen. Additionally, since Windows 11 24H2, the system now automatically enables device encryption during installation, storing the recovery key in the linked Microsoft account.
Despite these benefits, Microsoft should keep the option to create a local account, especially during setup. There are several important reasons why restricting this choice is a step in the wrong direction.
Enhanced privacy
The first reason is privacy. A local account works independently of Microsoft’s cloud services, ensuring that personal data remains locally on your computer.
This approach minimizes data sharing with external servers, addressing concerns about data collection and user tracking. However, the company also collects telemetry data regardless of the account type configured on the device.
Easy setup
When using a local account, you don’t have to be connected to the internet to complete the initial configuration, and the number of steps is significantly reduced.
Currently, on Windows 11 Home and Pro, you must have the computer connected to the internet. Otherwise, it’s impossible to complete the initial setup without using workarounds, which means you’ll have to go to another physical location and use a Microsoft account to complete the setup.
Simple management
For systems that do not require synchronization across multiple devices, a local account offers a straightforward setup without additional configurations associated with online accounts.
Unrestricted account access
A local account works without an internet connection, allowing users to access the system and perform tasks without being online. This is particularly beneficial in environments with limited or no internet connectivity.
It’s important to note that accessing a computer configured with a Microsoft account is possible, but only using a PIN. If the device isn’t connected to the network, you won’t be able to sign in using your password.
Better profile configuration
By default, the system uses the first five letters of your email address from your Microsoft account to create your profile folder, which might help to randomize the name to avoid conflicts when creating multiple accounts, but the end result is a folder name that doesn’t make much sense.
On my main computer, I usually create a local account during the setup since it allows me to create a more meaningful folder name, and then I link the account with my Microsoft account.
And I’m not the only one. Our own Zac Bowden also happens to have a similar opinion.
I usually advocate linking Windows 11 with a Microsoft Account post OOBE, because the way OOBE sets up your user directory when you sign-in with an MSA during setup is so stupid. It uses the first 5 letters of your email address, not your first name.March 31, 2025
Better Remote Desktop
Finally, another reason Microsoft should never remove the option to create a local account is to avoid Remote Desktop connection problems.
Currently, if you use a Microsoft account and want to establish a remote connection, you will be able to connect, but you won’t be able to sign in. In this case, you would have to turn off the Windows Hello option, then sign out and sign back into your account with your password, and only then will you be able to authenticate using the Remote Desktop.
If you have a local account, you can establish a Remote Desktop connection without issues using your password.
Users should have the choice to decide
I believe Microsoft should restore the option to set up the operating system in the Out-of-box Experience without workarounds and let people decide, since this tactic seems rather manipulative.
It’s important to note that the option to create a local account is still available from the desktop experience. However, it wouldn’t be a surprise if this account type goes away in future releases of the operating system, at least for the Home edition.
You can always get around the Microsoft account requirement during the initial setup without using different workarounds by setting up your device with a Microsoft account and then creating a local account from the Settings app, switching to the new account, and deleting the profile with the Microsoft account.
Alternatively, you can perform a clean installation with a custom USB flash drive to bypass the online account and other requirements. Or in the Out-of-box Experience, you can use the “Shift + F10” keyboard shortcut to open Command Prompt and then run the start ms-cxh:localonly command to bring up the legacy account manager to create a local account, skipping most of the extra steps.
What are your thoughts on Microsoft forcing users to use a Microsoft account to set up the operating system? Let me know in the comments.
More resources
Find in-depth guides, troubleshooting tips, and the latest updates on Windows 11 and 10 here:
