> I dont know that they are right (eg if the #1 exposure for home users is ransomware, does a tpm help at all?), but I am prepared to give them dome grace.
One particularly generous view is that the TPM requirements catch PCs up with the TPM requirements of modern phones. (Both iOS and Android have had very strict TPM requirements for a while now.) With a lot of industry interest in moving to hardware security-backed Passkeys to replace passwords, it would help to have PCs on an equal security footing with phones.
Passkeys are a pretty big deal to reduce home user exposure. Phishing and all of its variants are as much or more a home user problem as ransomware.
Passkeys are a multi-vendor standard. Because Windows is no one's phone vendor today, it's generally a good idea that Windows has strong Passkey support because it can be an intermediate between the two major phone vendors and help even average users avoid vendor lock-in by pushing a majority of users to try keeping keys with at least two vendors (their phone, and their Windows device) in their common accounts.
One particularly generous view is that the TPM requirements catch PCs up with the TPM requirements of modern phones. (Both iOS and Android have had very strict TPM requirements for a while now.) With a lot of industry interest in moving to hardware security-backed Passkeys to replace passwords, it would help to have PCs on an equal security footing with phones.
Passkeys are a pretty big deal to reduce home user exposure. Phishing and all of its variants are as much or more a home user problem as ransomware.