I think this article is quite misleading as to the severity of the issue. It is basically by design.
TL;DR: provided you are an administrator on a Windows machine, you can read encrypted user data from another user's home directory without having him log in first.
In the video they show you have to be able to read the other user's profile, which you are unable to do unless you are already an administrator.
You don't need to be an admin, just have physical access and plug the drive into another computer. Which is why the early W10 versions used to require enabled full-disk encryption before allowing this feature.
If the drive is not encrypted, then anybody can read any data. <- OK, that is incorrect. DPAPI is supposed to protect from this by deriving the encryption key from your password.
If the drive is encrypted, you'd have to know the drive encryption key, which likely (if not necessarily) means you are the administrator.
> OK, that is incorrect. DPAPI is supposed to protect from this by deriving the encryption key from your password.
That's the point: DPAPI is (deliberately) bypassed by TBAL, by storing the necessary info from the user's password to decrypt the DPAPI key after reboot.