Obviously, have TPM is better than don’t have, all aspects are advantages.
The TPM and system firmware collaborate to record measurements of how the system started, including loaded software and configuration details such as whether boot occurred from the hard drive or a USB device. BitLocker relies on the TPM to allow the use of a key only when startup occurs in an expected way. The system firmware and TPM are carefully designed to work together to provide the following capabilities:
• Hardware root of trust for measurement.
• Key used only when boot measurements are accurate.
More information here:
How Windows uses the TPM - Microsoft 365 Security | Microsoft Learn
https://learn.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm
-------------------------------------------------------------------------------------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.