TPM or Trusted Platform Module (TPM) is a hardware chip used to enable security features such as Windows Hello, Extended BitLocker verification, and many more. If you need to enable TPM in Windows PC, this post will guide you to achieve that.
When Microsoft announced Windows 11, the official requirements show that a Trusted Platform Module (TPM) chip is required. Microsoft implies that TPM 2.0 is recommended but not necessarily required.
According to Microsoft Oficial Documentation, while you can upgrade to Windows 11 if you have TPM 1.2, but it is not advised. While that could mean anything, I am guessing that some features will not work in the long term.
What Is Trusted Platform Module or TPM?
TPM chips are typically built into your computer’s motherboard for pre-built PCs. You can generally find the chip soldered to the motherboard. Else, if your motherboard supports it, you can buy one externally as an add-on module if you build your own computer.
What the chip actually does is provide hardware-based validation and tamper protection. The TPM chip offers a combination of hardware and software that protects passwords and encryption keys when they are sent unencrypted.
How to Check If My PC Has a TPM Chip?
There are a couple of ways using which you can check whether your PC has a TPM chip and whether it is ready for use or not.
- Open the Run Dialog (Win + R) by searching for the same in the Start Search Box and choosing the main listed result.
- Enter tpm.msc and press OK to bring up the Trusted Platform Module Management window.
- Here, lookout for a confirmation stating The TPM is ready for use. If you do not get so, you might have the TPM chip installed, but it may have been disabled.
- You can also find the TPM version listed under TPM Manufacturer Information.
Check Whether your PC has TPM using Command Prompt
Here’s how you can use the Command Prompt at your disposal to check whether your PC has a TPM chip.
- Open an elevated Command Prompt or Windows Powershell Window and type in the following command.
wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get IsEnabled_InitialValue
- You can view the TPM chip’s current status here: True or False. The following message appears if TPM is not installed on your computer: no Instance(s) available.
Alternatively, you can use the PC Health tool available from Microsoft to check whether your PC is upgradeable to Windows 11 or not. If your PC is upgradeable, it should be safe to say that the PC does indeed have a TPM chip.
How to Enable TPM from the BIOS and UEFI
If you are sure that your PC has a TPM chip, but it seems to be disabled for some reason, here’s what you can do apart from contacting your motherboard’s manufacturer.
- Power off your computer and boot into the BIOS or UEFI
- Navigate to System Utilities, select System Configuration > BIOS/Platform Configuration (RBSU), and then choose Server Security.
- Here, click on Trusted Platform Module Options and press the Enter key.
- Select Enabled to turn on the TPM and BIOS secure startup.
This may change based on the Motherboard. As an example, for Asus motherboards, the option is available under the Advanced section. Even with TPM enabled, you may need to enable Firmware TPM to use TPM 2.0. The default is set to Discrete TPM, and it doesn’t pass the Windows 11 criteria.
Related: How to install Windows 11 on a PC which doesn’t have TPM
Does an External TPM Module Work on Laptops and PCs?
If you have built your own PC, you may add a TPM chip to it. You can find an external TPM chip from Amazon. However, make sure that you find one that supports the exact motherboard inside your PC.
Laptops and desktop PCs you buy off the shelf generally have a TPM chip that’s soldered—permanently attached—to the motherboard. It’s impossible to add TPM chips to an older PC that doesn’t have the hardware to accept one.
Consult your motherboard manufacturer’s documentation for more information about whether your PC supports a TPM chip and which one it requires
Notebooks with embedded fingerprint readers often save fingerprint data in the TPM since its security makes it a convenient location to keep fingerprint data. That said, do let us know whether your PC does have support for TPM or were you able to enable TPM on your Windows PC
i got a message in cmd is
ERROR
description = access denied
Hey, Rajendhar, You need to Run the Command Prompt in Administrator Mode. Please follow the linked post in the page.