There are a couple of things that could happen. Someone steal/find a lost laptop.

1. The Windows password is not known so the person moves the storage device to an external drive. Because it's encrypted with Bitlocker and the encryption key is stored in the laptop TPM there's no way for the data to be read from there.

2. The Windows password is weak/known so the person uses that to login and access the data that's encrypted with Bitlocker and automatically unlocked because the key is available on said laptop upon login.

Obviously your worry is #2. In this case I'd say your problem is not the encryption but the password management.

Yes, you could use a third party tool and do a full disc encryption - also requiring a second, stronger password to be known by the laptop user. Which, again might defeat the purpose. If it's too hard to memorise the person will store the password somewhere - possibly written down on a piece of paper, which is not secure enough.

So back to #1. Bitlocker plus a good, strong password in place.