If the concern is encryption of PC data -
There are plenty of encryption systems implemented entirely in software, independent of TPM both for encryption and authentication, that permit whatever key lengths you want.
Software can be programmed to provide a ne’er-do-well programmer backdoor access to a system. As someone experienced in IT security, I can tell you that we often default to hardware security for a reason. Hardware has to pass through numerous tests for hardening and security. If major industry players certify a piece of hardware as secure, it’s their very reputation on the line. If there’s a backdoor and it’s discovered, that hardware becomes a liability.
I personally use KeePass and certificates from StartSSL for my personal security, but I can’t understate the importance of a platform security methodology, and that’s the purpose of a TPM.