Thanks, that was my thinking as well.
One reason I hear for certificates is to not store AD credentials locally. But with windows when PEAP uses the logon credentials to authenticate, well they are not stored or distributed in the wireless profile, they're given at logon, so I would think the password is only locally cached in the same manner that Windows does regardless.
For BYOD it makes perfect sense to have certs for a few reasons.
I think there's some debate over whether PEAP is inherently more secure than EAP-TLS anyway.