( BaT | 2021. 09. 02., Thu – 12:17 )

Yet it is spelled out:

The Trusted Platform Module (TPM) requirement enables Windows 11 to be a true Passwordless operating system, addressing phishing and other password-based attacks that are easier for attackers to execute when the TPM is not present. In the FY20 Microsoft digital defense report, Microsoft identified 67% fewer compromises of organizations that disabled legacy authentication and moved towards Multi-factor Authentication (MFA)- or Passwordless-based systems like Windows Hello. With Hello, the TPM works together with a PIN or biometric camera/fingerprint reader to securely store a secret in hardware that replaces a user’s password during authentication and is much harder to steal or spoof. The TPM is also used for numerous other Windows 11 features such as BitLocker and Device Encryption, which leverages the TPM to store disk encryption keys. Research from Forrester showed that the loss or theft of assets like smartphones and laptops were involved in 20% of the breaches reported by global security decision-makers in 2020. BitLocker full disk encryption in Windows 11 limits the possibility of sensitive data loss from lost or stolen devices. The TPM is also used to “bind” web-based credentials securely to a machine, preventing extraction and theft of credential types seen in many recent breaches. Windows 11 requires TPM 2.0 vs 1.2 because of the security advantages it provides, particularly support for newer and stronger cryptographic algorithms.