The Trusted Platform Module (TPM) added to the virtual machine configuration allows you to protect your data from unauthorized access and use additional Windows security features such as BitLocker and Windows Hello.
When you add TPM to a virtual machine, it becomes enabled by default.
Note: All Windows 11 virtual machines are created with TPM enabled by default and cannot boot without it.
It is not recommended that you add TPM if you don't plan to use BitLocker. If you added TPM by mistake and didn't set up BitLocker in Windows, you can remove TPM without drastic consequences. However, if you set up BitLocker and then remove TPM, you may encounter boot and login problems: Windows will ask you to enter the recovery key on boot. To learn what to do in this case, read this knowledge base article.
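A pre-removal check for the case described above, as an added example rather than Parallels' own tooling: run inside the Windows guest from an elevated PowerShell session, it reports which BitLocker volumes have TPM-based key protectors and whether a recovery password protector exists. The function name `Test-TpmRemovalRisk` and the verdict strings are assumptions made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the Parallels documentation).
# Run inside the Windows guest before removing TPM from the VM configuration.

function Test-TpmRemovalRisk {
    # Hypothetical helper: emits one record per volume known to BitLocker,
    # stating whether unlocking that volume depends on the TPM.
    foreach ($vol in Get-BitLockerVolume) {
        # Names of the key protector types configured on this volume
        $types = @($vol.KeyProtector |
            ForEach-Object { $_.KeyProtectorType.ToString() })

        # Every TPM-backed protector type name starts with "Tpm"
        $usesTpm     = @($types | Where-Object { $_ -like 'Tpm*' }).Count -gt 0
        $hasRecovery = $types -contains 'RecoveryPassword'
        $encrypted   = $vol.VolumeStatus.ToString() -ne 'FullyDecrypted'

        $verdict =
            if ($usesTpm -and -not $hasRecovery) {
                'TPM in use, no recovery password protector: add one before removing TPM'
            } elseif ($usesTpm) {
                'TPM in use: save the recovery key before removing TPM'
            } elseif ($encrypted) {
                'Encrypted, but no TPM protector on this volume'
            } else {
                'BitLocker not set up: TPM is not needed to unlock this volume'
            }

        [pscustomobject]@{
            MountPoint     = $vol.MountPoint
            VolumeType     = $vol.VolumeType
            VolumeStatus   = $vol.VolumeStatus
            Protection     = $vol.ProtectionStatus
            TpmProtector   = $usesTpm
            RecoveryKeySet = $hasRecovery
            Verdict        = $verdict
        }
    }
}

# State of the virtual TPM as Windows sees it
$tpm = Get-Tpm
"TPM present: $($tpm.TpmPresent)  ready: $($tpm.TpmReady)"

# Recovery password values are deliberately not printed
Test-TpmRemovalRisk | Format-List
```

Any volume whose `TpmProtector` is `True` is one for which Windows will ask for the recovery key on boot once TPM is removed.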
Note: The TPM-related information is stored in the Mac Keychain. You cannot start the virtual machine on another Mac without this information unless that Mac is logged into the same iCloud account and the Keychain synchronization option is enabled. To transfer the TPM-related information manually, consult the KB article mentioned above.