2 Likes
Well nobody on Windows should rely on the TPM. Most if not all motherboards have very low quality TPM modules. Use software encryption by entering a passphrase during early boot. It can be turned on in the GroupPolicy editor.
You can also turn off TPM in the bios BEFORE setting up bitlocker and then turn on the group policy to make sure it doesn’t store your key.