Originally Posted by nkedel
TPM just saves you from needing a pre-boot password; it can be used to make it more secure, but unless you're dealing with, say, the PRC or FBI or some very serious industrial hackers trying to break into your machine, the extra possible security is an irrelevance. Plus, if you don't know what you're doing (or your corporate security detail does) you may actually be less secure with TPM -- or liable to locking yourself out and needing a recovery key.
Umm. TPM does much more than that. Give me a machine that's BitLockered without TPM and I can break my way in (and have). Note: I'm not a hacker. I'm on the good side.
And no, in a corporate environment, there are ways to ensure that people don't lock themselves out. The recovery key can be tied to Active Directory so a user can retrieve it, say by just using their alias.