I am likely going to enable BitLocker on my server and desktop machines. Since I only RDP into the server I want to use a TPM chip so I do not have to enter a key at startup. I may or may not use a TPM in my desktop; I might just manually enter the key on startup for that.

My server uses an ASRock Z87-ITX and my desktop uses an MSI Z87-G45 (both builds in my sig). I have confirmed they both have the header on the motherboard and I believe both are TPM v1.2.

Here's my question: will any TPM chip work, or do I need an MSI-made TPM for my MSI board and an ASRock-made chip for my ASRock board?

MSI's chip on Amazon is $16.95

ASRock's chip is $13.50

If I can use the cheaper of the two on both boards I'd obviously do that. So do I need to get a TPM made by the same company as the board I'm putting it in?


PS - From a standards perspective, is there any reason I should look for a TPM chip that supports something these do not and is still compatible with my boards (higher TPM version, better encryption, etc.)?
I didn't realize these were so cheap. I am curious what any advantages may be and also your findings regarding compatibility.

I see the advantage to convenience by not having to enter BitLocker keys manually on startup, but isn't the downside to that a pretty big hole security-wise, making the whole idea pointless? I feel like I must be missing something.
As you pointed out, the obvious advantage is not having to enter a long key (a PIN can still be required). Otherwise the advantage is its physical security: no risk of forgetting the key, the chip can be physically removed preventing access, and it is better able to protect against dictionary-based attacks. Likely others I am unaware of. For my server I'm mainly doing it so that reboots and RDP aren't an issue. On my desktop my only reason to get one would be so my wife doesn't have to punch in the key; for myself I wouldn't mind.

To be honest I am not really concerned with the traditional purpose of encrypting my drives. There really isn't any data on them that I care if someone sees. My understanding (maybe incorrectly) is that ransomware (malware/virus that encrypts your disks and then requires payment to unlock) cannot work if your disk is already encrypted. As this seems to be a growing issue and law enforcement almost always just recommends paying up, I'd rather prevent it than take the small risk it happens to me.

I use BitLocker at work and on my Surface Pro 3 and it doesn't appear to impact my day-to-day usage, so I figure the benefits outweigh the inconveniences.
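Two things in this thread can be checked from Windows itself rather than guessed at: whether the OS actually sees a TPM and which spec version it is (the "I believe both are TPM v1.2" question), and which unlock method BitLocker ends up using (the TPM-only versus TPM+PIN trade-off discussed above). The PowerShell below is an added example, not from any poster, and assumes Windows 8.1 / Server 2012 R2 or later with the built-in BitLocker and TrustedPlatformModule modules, run from an elevated prompt. The function names, the `Aes256` choice and the PIN prompt are illustrative assumptions; on newer Windows builds `XtsAes256` is the usual pick.

```powershell
# Added example (not code from the thread): inventory the TPM the OS sees and
# configure BitLocker protectors on the OS drive. Assumes Windows 8.1+/Server
# 2012 R2+ with the BitLocker and TrustedPlatformModule modules, run elevated.
# Function names, mount point and PIN handling are illustrative assumptions.

#Requires -RunAsAdministrator
Import-Module TrustedPlatformModule
Import-Module BitLocker

function Get-TpmSummary {
    # Win32_Tpm exposes the spec version string ("1.2, 2, 3" or "2.0, 0, 1.16");
    # Get-Tpm reports the provisioning state Windows has reached.
    $wmi = Get-CimInstance -Namespace root/cimv2/security/microsofttpm `
                           -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    if (-not $wmi) { return [pscustomobject]@{ Present = $false; Ready = $false } }
    $tpm = Get-Tpm
    [pscustomobject]@{
        Present      = $tpm.TpmPresent
        Ready        = $tpm.TpmReady
        SpecVersion  = ($wmi.SpecVersion -split ',')[0].Trim()   # "1.2" or "2.0"
        Manufacturer = $tpm.ManufacturerIdTxt
    }
}

function Show-OsDriveProtectors {
    param([string]$MountPoint = $env:SystemDrive)
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        VolumeStatus     = $vol.VolumeStatus       # FullyDecrypted / EncryptionInProgress / FullyEncrypted
        ProtectionStatus = $vol.ProtectionStatus   # Off until protectors are active
        EncryptionMethod = $vol.EncryptionMethod
        Protectors       = ($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType }) -join ', '
    }
}

function Enable-OsDriveBitLocker {
    param(
        [string]$MountPoint = $env:SystemDrive,
        [switch]$RequirePin   # TPM+PIN; without it, TPM-only unlock (the "no key at startup" case)
    )
    $tpm = Get-TpmSummary
    if (-not $tpm.Present -or -not $tpm.Ready) {
        throw "TPM not present or not ready: enable it in firmware and/or run Initialize-Tpm first."
    }
    if ($RequirePin) {
        $pin = Read-Host -Prompt "Enter a BitLocker PIN (6+ digits)" -AsSecureString
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod Aes256 `
                         -TpmAndPinProtector -Pin $pin -UsedSpaceOnly -SkipHardwareTest
    } else {
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod Aes256 `
                         -TpmProtector -UsedSpaceOnly -SkipHardwareTest
    }
    # Always add a recovery password: it is the only way back in once a firmware
    # update, a board swap or a TPM clear changes the measurements the key was sealed to.
    $rp = Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector
    $rp.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword' | ForEach-Object {
        Write-Host "Recovery password (store it off this machine): $($_.RecoveryPassword)"
    }
    Show-OsDriveProtectors -MountPoint $MountPoint
}

Get-TpmSummary
Show-OsDriveProtectors
# Enable-OsDriveBitLocker               # server case: TPM-only, unattended reboots
# Enable-OsDriveBitLocker -RequirePin   # desktop case: TPM+PIN pre-boot factor
```

Run the two read-only calls first on each board: `SpecVersion` answers the 1.2-versus-2.0 question for the module actually installed, and `Protectors` shows what unlock path is in force after enabling. The `-TpmAndPinProtector` path only succeeds when the "Require additional authentication at startup" BitLocker Group Policy setting allows a PIN, so set that before the desktop run. The security difference between the two modes is the one raised above: with TPM-only, the volume is unlocked by the time the logon screen appears, so the drive's protection then rests on the OS logon and on the recovery password being stored somewhere other than the encrypted disk; adding the PIN puts a factor in front of the boot that the TPM alone cannot release.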
