If the user forgets their account password and recovers the account by answering their configured security questions, will they lose access to EFS-secured files? Or is guessing the recovery questions enough to gain access to EFS-encrypted files?
Is this configurable, and, if so, how is it configured?
I am asking this in the context of non-Domain-joined Windows 10 computers, with no especial backup options pursued (such as a data recovery agent), with a local user account that's been created by the normal user setup wizard (i.e., not joined to a Microsoft account).