What is the security chip for?

What is it for?

Does it actually improve security? If so how?

Are you dangerous of being locked out of your windows if your security chip somehow loses stored passwords?

 

Which security chip? TPM?

 

TPM stands for Trusted Platform Module.
It's used to protect data on a computer, usually a notebook, from unauthorized access.

http://www.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf


Are you dangerous of being locked out of your windows if your security chip somehow loses stored passwords?
Well yes, but TPM was developed to protect data for business and government clients. So I would think that is unlikely. Forgetting your password on the otherhand...

 

As an example, the BitLocker Drive Encryption in modern versions of Windows leverages the TPM hardware.

 

Can one use bitlocker without TPM?

I have enabled my TPM and also disabled it but I can still log into windows?

So how useful is it then? Other than storing certain passwords in the chip, what else does it do and is it really that much better than normal?

 

Yes, you can use BitLocker without a TPM, but it is less secure. If all you are doing is enabling and disabling the TPM, and have no software that is using it, then nothing will happen as the TPM is not being utilized. Using BitLocker without a TPM will require you to use a USB flash drive to store your encryption keys and you’ll need this USB flash drive every time you start your computer (and this flash drive could be lost or stolen). In addition, the TPM stores a hash of important OS files. If these files have been tampered with, the TPM will not release the encryption keys required to decrypt your drive—and this protection is not available with only a USB flash drive.

This is just one example of how the TPM is used. Other security software can take advantage of it as well.

 

I have Vista Business so I dont have bitlocker which is a shame. In anycase I have tried client security software and I have also tried disabling the security chip and enabling and it makes no difference. I even cleared my chip and doesnt seem to have problems logging into windows or even client security afterthefact.

Which makes me wonder then. Say you use bitlocker. Then you don't want bitlocker anymore. Are you in trouble then? Or you use bitlocker but you cleared your security chip. Is it possible to manually type in the paraphrase instead? Same with not having a security chip and not using USB keys. Can you simply use a manual password everytime?

 

Yea, it’s annoying that Microsoft did not provide BitLocker in this version. However, I’ve heard great things about TrueCrypt and you can use this instead (and it’s free). However, I don’t believe TrueCrypt can use the TPM, but this might have changed in a recent version. As for your client security software, I don’t know what software you are using or if it uses the TPM—so I can’t say much about it. If you use BitLocker and decide you don’t want it, simply decrypt the drive and BitLocker is gone. If you clear your TPM chip, Windows will still allow you to access your drive by way of a 48 character recovery password—but you won’t have a lot of fun typing it. BitLocker requires a USB flash drive if you do not use a TPM, but if you want something which uses a simple password, TrueCrypt might be a better fit for you, but a simple password is not as secure as an encryption key.

 

I think it stores ur passwords in hardward level rather than in software layer. So it makes more hard for unauthorized person to get access to.
That jsut my understanding tho.