How BitLocker Encryption works
A Trusted Platform Module (TPM) is a chip that runs an authentication check on your hardware, software, and firmware. If the TPM detects an unauthorized change, your PC will boot in a restricted mode to deter potential attackers. Attacking the TPM requires physical access to the computer. In addition, the tools and skills needed to attack hardware are often more expensive, and usually less available, than those used to attack software. And because each TPM is unique to the computer that contains it, attacking multiple TPM-equipped computers would be difficult and time-consuming.
BitLocker supports multifactor authentication for operating system drives. If you enable BitLocker on a computer that has a TPM version 1.2 or later, you can use additional forms of authentication with the TPM protection.
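
As an added example (not part of the original page), the following PowerShell audit reports the TPM specification version and whether the operating system drive is protected by the TPM alone or by the TPM plus an additional factor. The function names are illustrative; it assumes an elevated prompt on a Windows machine with the BitLocker PowerShell module installed.

```powershell
#Requires -RunAsAdministrator
# Added example: function names are illustrative, not from the original page.

function Get-TpmSpecVersion {
    # Win32_Tpm.SpecVersion looks like "2.0, 0, 1.38"; the first field is the spec version.
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
        -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    if (-not $tpm) { return $null }               # no TPM exposed to Windows

    $parsed = $null
    $first  = ($tpm.SpecVersion -split ',')[0].Trim()
    if ([version]::TryParse($first, [ref]$parsed)) { return $parsed }
    return $null                                  # value was not a parseable version
}

function Get-OsDriveProtectorReport {
    param([string]$MountPoint = $env:SystemDrive)

    $specVersion = Get-TpmSpecVersion
    $volume      = Get-BitLockerVolume -MountPoint $MountPoint
    $types       = @($volume.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # Key protector types that combine the TPM with an additional factor.
    $multiFactor  = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey')
    $secondFactor = @($types | Where-Object { $_ -in $multiFactor })

    [pscustomobject]@{
        MountPoint       = $volume.MountPoint
        ProtectionStatus = $volume.ProtectionStatus
        TpmSpecVersion   = $specVersion
        # The page's stated minimum for TPM-based multifactor authentication is 1.2.
        TpmMeetsMinimum  = ($null -ne $specVersion) -and ($specVersion -ge [version]'1.2')
        KeyProtectors    = $types -join ', '
        TpmOnly          = ($types -contains 'Tpm') -and ($secondFactor.Count -eq 0)
        HasSecondFactor  = $secondFactor.Count -gt 0
        HasRecoveryKey   = $types -contains 'RecoveryPassword'
    }
}

Get-OsDriveProtectorReport | Format-List
```

A drive that reports `TpmOnly = True` unlocks at boot with no user input; the built-in `Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -TpmAndPinProtector -Pin $securePin` cmdlet adds a PIN as a second factor, where `$securePin` is a placeholder for a `SecureString` you supply.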