> What if I want to move my own drive somewhere else?
That's the fun part: you don't. Move the contents somewhere else, format the drive, and move them back. Also, another cool feature: if the TPM stops working for some reason, you lose all your data! (Unless you have offsite backups, which you should anyway.) I'm saying this kinda jokingly, but this really is a feature of keeping the keys in your TPM; in a lot of situations this is desired behavior.
Be aware that in the case of BitLocker specifically, Microsoft "conveniently" saves your encryption key on their "cloud", so you don't really need the TPM to decrypt stuff, which of course goes completely against the purpose of storing the key there in the first place. Oh yeah, also: DON'T trust BitLocker, it's absolutely compromised if you are using an SSD which provides firmware "encryption". [0][1]
> Be aware that in the case of BitLocker specifically, Microsoft "conveniently" saves your encryption key on their "cloud", so you don't really need the TPM to decrypt stuff, which of course goes completely against the purpose of storing the key there in the first place.
What MS stores in the cloud is not the encryption key but a recovery key. Obviously a recovery key can also be used to perform the decryption, but it has the benefit that it's generated by the system to be of high entropy, as opposed to a human-chosen password.
If you're against FDE recovery keys I assume you're also against 2FA recovery codes.
[0]: https://www.tomshardware.com/news/crucial-samsung-ssd-encryp...
[1]: https://twitter.com/matthew_d_green/status/10594413723175813...