Secure key handling using the TPM

argon2id is sufficiently RAM intensive that you're going to need to throw significant resources at it even if the user is using a low entropy password. If the user's using a high entropy password then it's effectively unbreakable, whereas a TPM is, well, not. I definitely think there's value in using TPMs, but for this kind of thing I think there's more value in trying to reduce PCR fragility and using them as a way of improving user experience.