TPM or Trusted Platform Module will be a minimum requirement if you plan to upgrade to Windows 11 shortly. Its hardware makes the PC secure, and all your passwords, especially Windows Hello, BitLocker, will be using it. This post will share how you can enable TPM on your Windows PC. It applies both to Windows 11 and Windows 10.
Note: Intel calls it PTT (Platform Trust Technology), and AMD calls it fTPM (Firmware TPM).
TMP 2.0 and TMP 1.2
TPM 2.0 is for UEFI-based systems TPM 1.2 is for BIOS-based systems. While Windows works without TPM, features like Windows Hello for Business, UEFI Lock, and extended validation for BitLocker need TPM.
On a basic level, TPM is a hardware chip that should be supported by your Processor and Motherboard. If you are using old hardware, the module will not be available. If you are using a Desktop, you may be able to buy and add the TPM module, but it will be a bit of hard luck for laptops.
Note: Microsoft says that TPM 2.0 is recommended, but the upgrade is also possible with 1.2. However, they don’t recommend it. Probably in the future, some features will only work with 2.0
Does your PC have TPM?
Most of the modern hardware offers TPM, but it is disabled in the BIOS or UEFI. Along with Secure Boot, Windows will need TPM 2.0 going ahead. To check if your PC has TPM, follow these steps:
- Use Win + R to open the Run Prompt
- Type tpm.msc and press the Enter key
- This will open the TPM management program and tell if you have a TPM module available on your system or is missing.
How to Enable TPM on Your Windows PC
Before you think of buying a TPM module, check your PC BIOS or UEFI.
- Restart your PC, and press the F2 or Del key to get into the BIOS/UEFI
- Locate Security Section or Advanced or something similar
- If TPM is available, enable it.
- Once enabled, you need to switch from discrete TPM to a firmware TPM
- Save the settings, and exit the BIOS or UEFI
- Reboot your machine and run tpm.msc again. It should now report that TPM is ready for use.
If you need to check if the PC can be upgraded, run the Windows 11 PC health check app again, and hopefully, all should be well and ready for your eventual upgrade.
How to add TPM module to Windows 10 PC
It depends on your motherboard. Many OEMs offer a port to which the TPM module can be added. TPM modules are also sold separately and can be easily plugged in if the board supports them.
Ensure to check if it supports TPM 2.0 and not just TPM 1.2 if you plan to upgrade to Windows 11.
Turn off BitLocker before enabling TPM
Any change in the TPM in the BIOS or UEFI gives a fair warning that when the recovery key is lost or the BIOS ROM chip is replaced, the system will not boot into the OS, and data will stay encrypted and cannot be restored.
It would be a good idea to turn off all kinds of encryption before changing anything in the UEFI or BIOS. The same warning is available when you upgrade the Motherboard. You can always enable it after making the changes.