WDE and TPM module

[blackangst1]

Im wanting to encrypt my C: drive using bitlocker. I have a TPM module plug in on my mobo, but I know I can use bitlocker without a TPM module although its a few extra steps. My question is...is there an advantage to using a TPM module? Theyre only $13 so cost isnt an issue. Thoughts?

In before use Truecypt instead. I use TC for a couple of containers, and there are reasons I dont want to use it for my C: WDE needs.

 

[ZeroRift]

TPM would allow you to enforce device signing if all the devices in your machine supported that feature. In a nutshell, this would detect any hardware changes that were made while the system is off and then require authorization to boot the OS if said changes were found. TPMs also have a few other nifty features to look into if you regularly deal with certificates. I suggest you do some research if you think you are in that category before dismissing the need for one.

Really, unless you need a high level of hardware security, or you use certificates extensively, there isn't much reason to use TPM other than the convenience. Having one of those installed makes booting up to a bitlocker drive much more seamless than without.

This has some more info as well:
http://developer.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf