Microsoft's motivation for TPMs in Windows is probably:
- Windows Hello (aka FIDO2, WebAuthn, Passkey)
- BitLocker
- AD and cloud device management (Intune)
All of these require secure storage of secret keys. Many features in Windows and Active Directory environments require that the machine can authenticate itself to the domain controller etc. Companies also like to use it for VPN keys.
Android and iOS also make much more use of hardware key storage for all kinds of things than desktop operating systems.
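As an added illustration of what "secure storage of secret keys" means in practice (this is example code, not part of the comment above), the following Windows PowerShell script creates an RSA key inside the TPM through the Microsoft Platform Crypto Provider, signs a challenge with it the way a device proves itself to a server, and then shows that the private half cannot be exported. It assumes Windows 10/11 with a ready TPM and Windows PowerShell 5.1; the key name "DemoTpmDeviceKey" and the challenge string are placeholders chosen for this demo.

```powershell
# Added example (not from the original comment): a TPM-resident signing key.
# Assumes Windows 10/11 with a ready TPM, run in Windows PowerShell 5.1.

# Step 1: make sure there is a usable TPM before asking it for a key.
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    throw "No ready TPM on this machine; this example needs one."
}

# Step 2: select the TPM key storage provider (the "Platform Crypto Provider").
$keyName  = "DemoTpmDeviceKey"   # placeholder name for this demo
$provider = New-Object System.Security.Cryptography.CngProvider("Microsoft Platform Crypto Provider")

# Remove a leftover key from an earlier run so the script is repeatable.
if ([System.Security.Cryptography.CngKey]::Exists($keyName, $provider)) {
    [System.Security.Cryptography.CngKey]::Open($keyName, $provider).Delete()
}

# Step 3: create a 2048-bit, non-exportable, signing-only RSA key in the TPM.
$params = New-Object System.Security.Cryptography.CngKeyCreationParameters
$params.Provider     = $provider
$params.ExportPolicy = [System.Security.Cryptography.CngExportPolicies]::None
$params.KeyUsage     = [System.Security.Cryptography.CngKeyUsages]::Signing
$lengthProp = New-Object System.Security.Cryptography.CngProperty(
    "Length", [BitConverter]::GetBytes([int]2048),
    [System.Security.Cryptography.CngPropertyOptions]::None)
$params.Parameters.Add($lengthProp)

$key = [System.Security.Cryptography.CngKey]::Create(
    [System.Security.Cryptography.CngAlgorithm]::Rsa, $keyName, $params)
$rsa = New-Object System.Security.Cryptography.RSACng($key)

# Step 4: sign a server-issued challenge. The nonce is constructed for the demo;
# in a real flow it comes from the relying party (e.g. a domain controller or IdP).
$challenge = [Text.Encoding]::UTF8.GetBytes("nonce-" + [guid]::NewGuid())
$sha256 = [System.Security.Cryptography.HashAlgorithmName]::SHA256
$pkcs1  = [System.Security.Cryptography.RSASignaturePadding]::Pkcs1
$sig = $rsa.SignData($challenge, $sha256, $pkcs1)

# Step 5: verify with the public half only, which is all the server ever holds.
$pubFormat = [System.Security.Cryptography.CngKeyBlobFormat]::GenericPublicBlob
$pubBlob   = $key.Export($pubFormat)
$pubKey    = [System.Security.Cryptography.CngKey]::Import($pubBlob, $pubFormat)
$verifier  = New-Object System.Security.Cryptography.RSACng($pubKey)
"Signature valid: " + $verifier.VerifyData($challenge, $sig, $sha256, $pkcs1)

# Step 6: the private key never leaves the TPM; an export attempt is refused.
try {
    $privFormat = [System.Security.Cryptography.CngKeyBlobFormat]::GenericPrivateBlob
    [void]$key.Export($privFormat)
    "Private key exported (unexpected for a TPM key)"
} catch {
    "Private key export refused: " + $_.Exception.Message
}

# Clean up the demo key.
$key.Delete()
```

Running this as a normal user creates a per-user key in the TPM; the same provider is what TPM-backed certificate enrolment for device authentication selects, so this is the underlying primitive the features listed above build on, with the server keeping only the public key and trusting that signatures can only be produced on the enrolled machine.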