9 Hidden Default Settings and Behaviors on Windows 11
Discover some of the Windows 11 defaults that most regular users never notice from a new setup.

Windows 11 comes with a set of default configurations that sometimes go unnoticed, and in this guide, I'll highlight nine of them.
When you set up a new device or do a clean installation, the operating system quietly enables some features while turning off others. These decisions, made on your behalf, can affect everything from performance and privacy to storage and energy use.
From smart updates that use clean energy to invisible cloud backups and hidden security changes, Microsoft continues to make subtle changes designed to improve the experience. However, not all of them are obvious, or the best choice for the end-user.
In this guide, I'll share nine behaviors you probably didn't know about Windows 11. If you're already familiar with them, consider this your friendly reminder of what's running behind the scenes, and how to take back control (where applicable).
System defaults you didn't know about on Windows 11
These are (only) some of the default settings and features that Windows 11 quietly turns on or keeps disabled after a clean installation or while setting up a new device, and most users never notice.
1. Windows Update can use renewable energy
Windows 11 schedules updates to align with regional clean energy availability to minimize carbon emissions.
Since version 22H2, the Windows Update mechanism detects when the computer is plugged in and connected to the internet, and when regional carbon intensity data is available, the system will schedule installations at a time that may produce lower-carbon emissions.
All the latest news, reviews, and guides for Windows and Xbox diehards.
As part of this change, Windows 11 also ships with new default settings for the screen and sleep. For example, on battery (modern standby devices), the screen is now set to turn off after 3 minutes, instead of 4. When plugged in, the screen goes off after 5 minutes, instead of 10.
Similar default settings are also applied to send the device to sleep.
Furthermore, for S3 devices, the only difference is the sleep timers, which are now set to 10 and 15 minutes when on battery and plugged in accordingly.
2. Microsoft account backs up apps and settings by default
If you set up a new account on Windows 11 using a Microsoft account, the system turns on system backups to the cloud.
The backup includes an inventory of your apps and system preferences, such as accounts, wireless networks, and passwords, as well as personalization, language, and many other system settings.
However, this isn't a full backup or something you can access to restore items individually. Instead, this backup is part of the recovery process that you will have access to from the initial setup (Out-of-Box Experience (OOBE)) when configuring a new installation of the operating system.
Although you cannot manage these backups, it's possible to control the items that the system backs up to the cloud through Settings > Accounts > Windows backup, and you can turn off this feature by disabling the options on the page.
Furthermore, you can clear the data stored in the cloud from the "Devices" page in your Microsoft account by using the "Clear synced data" option.
3. Delivery Optimization is enabled by default
On Windows 11, "Delivery Optimization" is a feature that helps the device download updates more quickly.
The feature uses different sources to download updates using a peer-to-peer network sharing technology, meaning that the updates come from the Microsoft servers as well as from other computers in the local network and even from other devices on the internet.
By default, the feature is configured to download updates from the local network, and when the feature is turned on, the device can also send pieces of previously uploaded updates to other computers in the local network.
When the system uses this feature, the data is encrypted, and the entire package isn't downloaded from a single source. Instead, the computer downloads pieces of the update from different sources, and then it reconstructs and installs the package on the device.
Although this feature is safe to use for the most part, it's possible to turn off "Delivery Optimization" to continue getting the updates only from Microsoft servers. However, downloads can take longer, but you won't be sending or receiving packages to other computers.
4. Find My Device is turned on by default
If you use a Microsoft account to create your profile, the system will also enable the "Find My Device" feature.
As the name implies, the feature has been designed to help you locate your computer if it is ever lost or stolen. It's similar to the tracking features on phones.
When the feature is turned on, the system will send the approximate location to the Microsoft servers, and you can access this information from your Microsoft account online.
Although this feature can come in handy, if a thief performs a clean installation of the operating system, the link to your Microsoft account will be broken, and you will no longer be able to track the device.
Also, enabling this feature means that your device's location data is being sent to and stored by Microsoft. If you consider this a privacy concern, you can disable Find My Device from the "Privacy & security" settings.
5. Device Encryption is turned on by default
Starting with version 24H2, on a new installation, Windows 11 enables Device Encryption (BitLocker) by default, and stores the decryption key on your Microsoft account.
Default encryption is a significant move for several reasons, primarily centered on data security and privacy.
In addition, the latest version of the operating system also relaxes the hardware requirements for automatic device encryption, making it available in a broader range of devices, including more desktops and laptops that previously might not have qualified.
Although it's always recommended to use a device with encryption, many users are unaware that this feature has been enabled, and others don't even know where to find the recovery key, which can cause different unwanted problems.
You can always check if encryption is turned on on your computer in Settings > Privacy & security > Device encryption. If you decide that encryption isn't for you, it's possible to disable the feature on Windows 11.
6. System Protection is off by default
System Protection is a recovery feature designed to help safeguard the system files, apps, Registry, and settings. The feature works by creating and managing restore points, which are snapshots of your current setup at a specific point in time.
Although it's a useful feature, it has to be enabled and running before the problem happens. System Restore used to come enabled by default. However, now, to conserve space, the default behavior is off.
If you want to use this feature, you can check my comprehensive guide on System Restore for Windows 11.
7. Storage Sense is enabled by default
Storage Sense is a tool that can help you free up drive space on your computer. It's designed to keep your system running smoothly by getting rid of files you don't need, without you having to manage them manually.
The default configuration deletes files that have been in the Recycle Bin for more than 30 days. After an upgrade, this feature removes the backup of the previous setup after 10 days. In addition, this feature deletes your OneDrive files that have been previously uploaded to the cloud, but you can still access these files from the OneDrive folder. You would need to be connected to the internet to rehydrate the files.
Although it works automatically, by default, Storage Sense runs when your device is low on storage. However, it's possible to set it to run automatically every day, week, or month.
Finally, even if you have Storage Sense disabled, the system may still turn it on automatically to free up disk space if your system is running low and needs to perform a system upgrade.
8. Hibernation is disabled by default
On Windows 11, "Hibernate" is a power feature that can help your device conserve energy, extend battery life, and preserve your current session even if the computer is powered down.
The feature works by saving data in memory onto the hard drive using the "Hiberfil.sys" system file when selecting the "Hibernate" option from the Power menu. This allows the system to shut down completely, which also conserves energy and prolongs battery life. Then, when you power on the computer, the session resumes, allowing you to pick up where you left off.
It's a convenient feature, but it comes disabled by default for many reasons. For example, hibernation requires specific hardware, which may not be available on every device. Also, the operating system prioritizes other power management states, such as sleep mode and fast startup, which some people may argue are better experiences.
In my experience, hibernation is the best power-saving feature because of its different benefits, especially on desktop computers. For instance, you can disconnect the power cord, relocate the device, and resume where you left off. If the power goes out after putting the device in hibernation mode, you can resume the previous session without losing your current desktop setup.
Sometimes, I can go months without powering down or restarting the computer thanks to "Hibernate."
9. Default account lockout configuration
Although Windows 11 is generally a very secure operating system, the default behavior of account lockout policies has been a little subtle, depending on the specific release. For a long time, the default setting was not to lock out an account at all, which left the system somewhat vulnerable to brute-force attacks.
However, in newer releases of the operating system, Microsoft implemented a change to make account lockout policies a default security measure.
The current recommended and often default policy for local accounts is 10 invalid attempts for the "Account lockout threshold" policy, 10 minutes for the "Account lockout duration" policy, and 10 minutes for the "Reset account lockout counter after" policy.
This means that after 10 failed sign-in attempts, the system will lock the account for 10 minutes. This change was a significant step to mitigate threats like Remote Desktop Protocol (RDP) and other brute-force password attacks.
Also, the built-in Administrator account is subject to these lockout policies.
Did you know about any of these behaviors? Do you know others? Let me know in the comments.
More resources
Explore more in-depth how-to guides, troubleshooting advice, and essential tips to get the most out of Windows 11 and 10. Start browsing here:

Mauro Huculak has been a Windows How-To Expert contributor for WindowsCentral.com for nearly a decade and has over 22 years of combined experience in IT and technical writing. He holds various professional certifications from Microsoft, Cisco, VMware, and CompTIA and has been recognized as a Microsoft MVP for many years.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.