Author's right about one thing, the user expects security to be invisibly taken care of by the OS itself and doesn't care about how. In my experience, the first time most users learn about a security feature is when it throws up a roadblock, and from there the only thing they care about is how to get around it. The real issue here imo is how Windows expects the user to be diligent in setup, record their recovery info, and keep it in a known safe location, instead of just mashing "next" so they can just use the computer already, but that's another conversation.
I'm actually pretty hopeful about this - I do some home computer help as a side gig and Windows recovery is usually either great or a complete roadblock. Usually if it can get to the recovery environment and people remember their passwords the existing tools are great. If not... well either wipe or good luck. Anything that helps Windows get to the RE is great.
It's like tech debt. It's an ongoing cost in a one and done environment, it's hard to see problems from the outside until there's catastrophic failure, and if there's a slow niggling annoyance of things getting worse over time the point where people notice enough to care is usually past the point of needing a refactor. So we get underspending where it matters, overspending where it doesn't, and the solution is always a redo.
