You have probably heard of TPM 2.0 (Trusted Platform Module) – a device your PC must have to support Windows 11. In the current article, you will find out what TPM is and how to check whether your computer has it. You can also read on how to activate TPM if it is disabled and whether it is reasonable to bypass the Windows 11 TPM requirement.
What is TPM?
The Trusted Platform Module has recently dragged a lot of attention because it entered the list of the technical requirements for Windows 11. Many users didn’t even know about the device’s existence before the whole hype started. However, TPMs have been with us since 2009. Today, TMP is a conventional component for laptops and desktop PCs.
Trusted Platform Module, in a nutshell, is a cryptoprocessor which means TPM performs cryptographic operations. It is also a secure cryptoprocessor, which means it doesn’t allow decrypted data to filter out from the safe environment, unlike usual ones.
There are currently two versions of the module on the market: 1.2 and 2.0. Interestingly, Windows 11 requires specifically the latter. Many computers, although powerful enough to carry the latest Microsoft OS, don’t have TPM 2.0.
Microsoft, despite the users’ outcry, remained firm in its pursuit of the zero-trust mentality. You can read more on the zero-trust philosophy in our article on Windows 11 security approach. To make it short, since endpoints and users are the weakest links in digital security, Microsoft decided to force-strengthen them by implementing a new hardware security standard.
How to check whether you have a TPM?
There are several ways to check whether you have TPM on your machine. Use the Start Menu search bar to find Device Manager. Launch the program and look for the Security Devices category. If there is none – that means you don’t have a TPM. If you find Security Devices, click on the line, and you will see the version of the Trust Platform Module that you have on your computer. Windows 11 requires TPM 2.0.
Another way is to open Device Security (the subsection of the Update & Security settings section). Look for it right away via the Start Menu search bar. Open the item. If you have TPM, you will see information on your cryptoprocessor in the central part of the window. Press Security Processor Details to figure out the Specification version of your TPM. Otherwise, the subsection will be empty with only a message about the absence of the device in question.
There is another way to check your system for Windows 11 compatibility, and it is to run the PC Health Check. Earlier it was a downloadable application that you could get on the Microsoft website, but the company included it in one of the Windows 10 updates later. Type ‘pc health check’ in the Start Menu search bar, and Windows will find it in a moment. Open the program and launch check.The program will give you a lowdown about your system’s readiness for the latest OS. It can be that TPM 2.0 is not the only thing lacking. Read the complete list of Windows 11 requirements if you’re interested.
How to enable a TPM (if disabled)?
Suppose you know that you have TPM, but Windows 11 won’t install for some reason, and you know that the cause is not any of the requirements. You might need to enable your TPM in BIOS.
If your TPM is disabled, the system will “think” that it doesn’t have it. It will not be visible in Device Manager or Device Security settings.
The instruction below will be less precise due to the varieties in BIOS interface in different PC manufacturers. To enable your Trusted Platform Module, do (something like) the following:
- Restart your PC and enter UEFI BIOS. The best way to get there is to press the needed button before the Windows loader takes over and starts the launch of the operating system. It is usually Delete or one of the F buttons, depending on the motherboard manufacturer.
- As you are there, look for a submenu called Advanced, Security or Trusted Computing.
- Then find the TPM-enabling switch. It might be called Security Device, Security Device Support, TPM State, AMD fTPM switch, AMD PSP fTPM, Intel PTT, or Intel Platform Trust Technology.
- Enable TPM, check if the Secure Boot is switched on (Windows 11 requires that too!) and boot the system with saving changes.
For exhaustive information on this matter, please, pay a visit to the “Enable TPM on your PC” material on the official Microsoft website.
What if you don’t have TPM 2.0?
If you don’t have the Trusted Platform Module but are still eager to have Windows 11, you have two options. Theoretically, it is possible to buy a TPM 2.0. But take note, not all motherboards of even desktop computers can host a cryptoprocessor. Your motherboard might have room to install the TPM, but it might have no slot for it. Then you will need to solder the chip upon the motherboard or, better, find a specialist to do it. As for laptops, it is unlikely that you can add any chip to the existing model. So the most viable option is to replace a TPM 1.2 with TPM 2.0 if the construction of your computer allows that. However, this solution is far from mainstream, as you must have already noticed.
If you are desperate for getting Windows 11, you might want to bypass the new system’s requirements. Here is the instruction on how to pull it off: an article on Windows 11 installation on unsupporting machines. Remember, however, that overriding the limitations entails denial in updates and support from Microsoft.
Subscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.
User Review( votes)