Fascinating!

 

TPM is currently best option to secure your passwords and your computer.  There is no “Spyware”, it’s hardware that prevents tampering. 

It’s far more secure (and easier) for me to enter a TPM based PIN whenever a website prompts me for my user/password.  It’s a local resource encrypted with hardware (physical chip on the motherboard) … assuming of course you have a physical dTPM not a virtual one (fTPM).

TPM has no access to your browser, can’t log activity, and really has no clue what’s it’s actually protecting.  It’s a crypto-processor.

TPM is unique to each and every motherboard (and/or other devices) and is traceable.  But as with all security encryption, there is a way to hack it … BUT that way requires “physical” access to the chip and then use very specialized equipment to attempt to extract data … and the TPM has tamper proof features that if detected will wipe out it’s contents.

If one has been using a TPM in Win11 (your PIN to access websites), then you probably should clear the TPM before selling the motherboard (not required, but just in case someone does have the physical equipment needed to try and extract data from it).  Windows 11 will determine if you have a passkey and use your PIN when you access a website and will work with TPM (local device/chip) to extract credentials without transmission of any data via network since TPM is local which prevents any brute force attacks.  

So having Windows 11 detect you have a passkey for a specific website isn’t spyware.  And the TPM has no ability to log website activity or even communicate across a network.

Is TPM the end all be all for security, no, but it’s a good step in the right direction.  As far as spyware, not a chance the TPM can act as spyware and the OS detection of passkey

Edited October 29, 2025Oct 29 by SayAgain