TPM 2.0 adds modern cryptographic algorithms (SHA-256, ECC, AES) vs. TPM 1.2 (SHA-1, RSA only). More flexible key hierarchy and better platform integrity verification.
Windows 11 requires TPM 2.0. TPM 2.0 supports multiple hash algorithms (important since SHA-1 is deprecated). Firmware TPM (fTPM) is a software implementation — less secure than discrete hardware TPM chips.