Why TPM 2.0?
Important security advantages are standard in TPM 2.0 when compared to its predecessor TPM 1.2.
Let's take a closer look.
The introduction of new algorithms
According to Microsoft, the update to the Trusted Platform Module allows users greater support for newer algorithms.
For anyone in the SSL certificate business, that's music to the ears. Due to the increase in computing power and the feasibility of breaking the SHA-1 hash, plans to move away from the outdated technology have been in the works for a few years now.
As of late 2017, Microsoft and Google both decided to remove support for SHA-1 and the move to SHA-2 (256 specifically) has been well underway since.
Centralized lockout logic - finally!
TPM 1.2 implements vendor-specific lockout logic. This means that even different TPM models from the same vendor may implement different lockout thresholds, which makes managing them cumbersome and complicated.
The TPM 2.0 lockout procedure for PIN failures is now controlled by Windows!
Microsoft defined TPM 2.0's maximum number of failed attempts at 32, where each single failed attempt is forgotten after 2 hours. All of this is configured by the OS at the time it takes ownership of the TPM.
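To make the lockout arithmetic concrete, here is a small simulation of the counter the section describes: a failure counter that refuses further attempts once it reaches 32 and forgives one failure every 2 hours. This is an added example written for this page, not code from the original article, from Microsoft or from any TPM vendor; the class and method names are invented, and it models only the two parameters the text gives (it touches no real TPM and does not model the specification's lockoutAuth reset or other details).

```python
"""Simulation of the TPM 2.0 dictionary-attack lockout counter as described
above for a Windows-owned TPM: at most 32 failed authorization attempts, and
one failed attempt forgotten every 2 hours.

Added example; the names below are assumptions, not a vendor or Microsoft API.
"""
from dataclasses import dataclass

# Values quoted in the text for TPMs owned by Windows.
MAX_TRIES = 32                 # failed attempts before the TPM locks out
RECOVERY_TIME = 2 * 60 * 60    # seconds until one failed attempt is forgiven


@dataclass
class DictionaryAttackLockout:
    """Simulated lockout state. `failed_tries` counts authorization failures;
    it decays by one per `recovery_time` seconds of simulated TPM uptime, and
    while it is at or above `max_tries` every authorization attempt is refused."""
    max_tries: int = MAX_TRIES
    recovery_time: int = RECOVERY_TIME
    failed_tries: int = 0
    clock: int = 0          # simulated seconds of TPM uptime
    _last_decay: int = 0    # clock value at which the current recovery interval started

    def locked_out(self) -> bool:
        return self.failed_tries >= self.max_tries

    def advance(self, seconds: int) -> None:
        """Move the simulated clock forward, forgiving one failure per full interval."""
        self.clock += seconds
        while self.failed_tries > 0 and self.clock - self._last_decay >= self.recovery_time:
            self.failed_tries -= 1
            self._last_decay += self.recovery_time

    def attempt(self, pin: str, correct_pin: str) -> str:
        """Return 'ok', 'wrong-pin' or 'locked-out' for one authorization attempt.
        Only elapsed time drains the counter in this model."""
        if self.locked_out():
            return "locked-out"
        if pin != correct_pin:
            if self.failed_tries == 0:
                self._last_decay = self.clock   # the interval starts at the first failure
            self.failed_tries += 1
            return "wrong-pin"
        return "ok"


def time_to_unlock(lock: DictionaryAttackLockout) -> int:
    """Seconds of uptime until the next attempt would be accepted again (0 if not locked)."""
    if not lock.locked_out():
        return 0
    return (lock.failed_tries - lock.max_tries + 1) * lock.recovery_time


if __name__ == "__main__":
    # Constructed scenario: 32 wrong PINs in a burst, then waiting it out.
    lock = DictionaryAttackLockout()
    for _ in range(MAX_TRIES):
        lock.attempt("0000", "1234")
    print("locked out:", lock.locked_out(), "unlock in", time_to_unlock(lock), "s")
    lock.advance(RECOVERY_TIME)
    print("after 2 h, failed tries:", lock.failed_tries, "->", lock.attempt("1234", "1234"))
```

The point for a defender is that the counter does not reset when the lockout ends: after 32 failures and one 2-hour interval, only one more failed attempt is tolerated before the TPM locks again, and fully draining the counter takes 32 such intervals. On a real system the live values can be read rather than simulated, for example `Get-Tpm` on Windows (its LockoutCount, LockoutMax and LockedOut fields) or `tpm2_getcap properties-variable` with tpm2-tools on Linux.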
TPM implementation methods
The majority of TPM 1.2 implementations involve a separate chip soldered to the motherboard. Today we call this the 'discrete TPM' implementation method.
TPM 2.0 offers 2 more options: Integrated and Firmware.
Microsoft explains it best: you can now include dedicated hardware that is integrated into one or more semiconductor packages alongside, but separate from, other components (Integrated).
Another option is to run the TPM in firmware, in a Trusted Execution mode of a general-purpose computation unit (Firmware).