if you want to type the key yourself each time this could work. I’m not aware of an app that does this but it wouldn’t be too hard I don’t think.

if you’re encrypting at rest you also have to consider where there encryption key is being stored.

if you’re storing the encryption key plaintext on the same drive as the data, there’s not much of a point in encrypting.

a TPM/HSM could solve the issue, depending on how far down the rabbit hole you need to go.

EDIT: You could also encrypt the disk of the VM/Server hosting the app. similar situation.

For desktop windows this is not true. A remote sign in will sign out the local user and vice versa

Cloudflare and Crowdstrike are different companies.