The key is always stored with the data either on the drive itself in an unencrypted hidden partition or on an attached storage/security coprocessor.
The key is encrypted with a KEK which is derived from a users password.
What many of these encrypted drives do is just always run the encryption but with either a default key which is all zeros or with an unencrypted key until the user enrolls into the encryption feature at which point the key will be encrypted with their password or fingerprint.
The key is encrypted with a KEK which is derived from a users password.
What many of these encrypted drives do is just always run the encryption but with either a default key which is all zeros or with an unencrypted key until the user enrolls into the encryption feature at which point the key will be encrypted with their password or fingerprint.