On Windows RT, logging in with a Microsoft account automatically activates passive device encryption, a feature-limited version of [[BitLocker Drive Encryption|BitLocker]] which seamlessly encrypts the contents of mobile devices to protect their contents. On Windows 8.1, device encryption is similarly available for x86-based Windows devices, automatically encrypting user data as soon as the operating system is configured. When a user signs in with a Microsoft account or on a supported Active Directory network, a recovery key is generated and saved directly to the user's account. Unlike BitLocker, device encryption on x86-based devices requires that the device meet the [[Connected Standby]] specifications (which among other requirements, requires that the device use [[solid-state drive|solid-state storage]] and have RAM soldered directly to the motherboard) and have a [[Trusted Platform Module]] (TPM) 2.0 chip.<ref name=ars-deviceencryption>{{cite web |first=Andrew |last=Cunningham |title=Windows 8.1 includes seamless, automatic disk encryption—if your PC supports it |url=https://arstechnica.com/information-technology/2013/10/windows-8-1-includes-seamless-automatic-disk-encryption-if-your-pc-supports-it/ |work=[[Ars Technica]] |publisher=[[Condé Nast]] |date=October 17, 2013 |access-date=October 18, 2013 |archive-date=July 5, 2014 |archive-url=https://web.archive.org/web/20140705171318/http://arstechnica.com/information-technology/2013/10/windows-8-1-includes-seamless-automatic-disk-encryption-if-your-pc-supports-it/ |url-status=live }}</ref><ref>{{cite web |last=Thurrott |first=Paul |author-link=Paul Thurrott |title=In Blue: Device Encryption |url=http://winsupersite.com/windows-8/blue-device-encryption |work=SuperSite for Windows |publisher=[[Penton (professional information services)|Penton Media]] |date=January 20, 2014 |access-date=June 10, 2013 |archive-url=https://web.archive.org/web/20130609041130/http://winsupersite.com/windows-8/blue-device-encryption |archive-date=June 9, 2013 |url-status=dead }}</ref>
