On windows it is recommended to use Bitlocker with TPM + PIN configuration with hibernate mode. This requires the TPM PIN to be entered each time you login.
On Fedora, how secure is the lockscreen in terms of data protection? When I lock my screen, are the decryption keys still stored in ram, or are they flushed somehow?
I’ve been trying to find more documentation on this
Your data is decrypted when you turn on the machine, and stays decrypted until you power it off. There is no encryption-based protection enabled by your lock screen.