A Trusted Platform Module (TPM) is a dedicated hardware-based security component designed to protect sensitive data by securely generating, storing, and managing cryptographic keys. It provides a hardware root of trust that enables features such as secure boot, disk encryption, device authentication, and integrity verification by ensuring that cryptographic operations and keys are isolated from the main system processor and memory.
TPMs are commonly used by operating systems to support security technologies such as BitLocker drive encryption, Secure Boot, and credential protection. Modern systems typically use TPM 2.0, which supports stronger cryptographic algorithms and broader functionality than earlier versions. A TPM may be implemented as a discrete chip, as a firmware-based module (fTPM) running in the CPU's trusted execution environment, or as logic integrated into the CPU itself.
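The integrity verification mentioned above rests on the TPM's Platform Configuration Registers (PCRs): each boot component is hashed and folded into a PCR with the one-way extend operation (new PCR = H(old PCR || digest)), so a PCR can be extended but never set, and the final value commits to the entire sequence of measurements. The following is an added illustration, not code from the page or from any TPM vendor or library; it simulates a SHA-256 PCR bank in software over constructed sample components and shows the verifier-side check a remote attestation or sealing policy performs: replaying the event log must reproduce the reported PCR, and that PCR must match the known-good value for the approved boot chain. Component blobs, names and the expected value are all constructed for the example.

```python
import hashlib

# Constructed sample boot chain (placeholder blobs, not real firmware images).
BOOT_COMPONENTS = [
    ("firmware", b"UEFI firmware image v1.2 (constructed sample)"),
    ("bootloader", b"bootloader stage 1 (constructed sample)"),
    ("kernel", b"OS kernel image (constructed sample)"),
]

# SHA-256 bank PCRs 0-15 reset to all zeros at power-on.
PCR_INITIAL = bytes(32)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 2.0 PCR extend: new = H(old || digest).

    The operation is one-way: software can add a measurement but cannot
    rewrite or roll back the register to hide an earlier one.
    """
    return sha256(pcr + digest)


def measured_boot(components):
    """Simulate measured boot: hash each component, extend the PCR, and
    append (name, digest) to an event log that is handed to the OS.

    Returns (final_pcr, event_log)."""
    pcr = PCR_INITIAL
    event_log = []
    for name, blob in components:
        digest = sha256(blob)
        pcr = pcr_extend(pcr, digest)
        event_log.append((name, digest))
    return pcr, event_log


def replay_log(event_log):
    """Recompute the PCR from the event log alone, as a verifier does."""
    pcr = PCR_INITIAL
    for _, digest in event_log:
        pcr = pcr_extend(pcr, digest)
    return pcr


def verify_attestation(reported_pcr: bytes, event_log, expected_pcr: bytes) -> bool:
    """Verifier-side check used by remote attestation or a sealing policy.

    1. The event log must replay to the PCR value the TPM reports (in a real
       deployment the PCR value arrives inside a TPM quote signed by an
       attestation key, so it cannot be altered by the host OS).
    2. The PCR must equal the known-good value for the approved boot chain.
    """
    return replay_log(event_log) == reported_pcr and reported_pcr == expected_pcr


if __name__ == "__main__":
    good_pcr, good_log = measured_boot(BOOT_COMPONENTS)
    print("known-good PCR:", good_pcr.hex())

    # A single altered component changes every subsequent PCR value.
    tampered = list(BOOT_COMPONENTS)
    tampered[2] = ("kernel", b"OS kernel image with unapproved change (constructed)")
    bad_pcr, bad_log = measured_boot(tampered)
    print("tampered PCR:  ", bad_pcr.hex())
    print("attestation passes for tampered boot:",
          verify_attestation(bad_pcr, bad_log, good_pcr))
```

The simulation makes two properties visible that the prose only names: the same sequence of measurements always yields the same PCR (which is what lets a known-good value be enrolled), and any change to a measured component, or any attempt to edit the event log after the fact, is caught because the replayed log no longer matches the PCR the TPM holds.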