What is TPM in Windows 11? Is it necessary?

Do you want to know, what is TPM in Windows 11? Should you turn it on? Today, at Digital Gyan, we will talk about TPM in Windows 11 with complete details.

Users of Windows 10 may get Windows 11 for free right now. However, if your PC doesn’t satisfy Microsoft’s system requirements, you might not be able to upgrade. Support for TPM 2.0 is one such requirement.

Don’t worry if you don’t understand what a TPM is; most of us didn’t either until Microsoft made it a Windows requirement.

A TPM, or Trusted Platform Module, is a hardware-based security solution designed to keep hackers out of your computer.

TPMs should be installed on computers produced within the last five years; however, they are not on older devices. It’s possible to install Windows 11 on unsupported hardware, but it’s not advised.

The safest way, as I mentioned in my post about failing to install Windows 11 on my old PC, is to buy a new PC and update it to Microsoft’s newest operating system.

Even if you have a brand-new PC, you might not be able to fulfil the TPM 2.0 requirements. TPM is enabled by default on certain computers but not on others.

The methods to enable TPM on PCs that have one are detailed by Microsoft. However, the material is spread out over numerous pages. As a result, we’ve created this straightforward how-to tutorial to assist you with enabling TPM on your PC.

Microsoft did not share system requirements for its software upgrade until after it had completed its Windows 11 unveiling earlier this summer.

What is TPM in Windows 11?

TPM stands for Trusted Platform Module and is a safe cryptoprocessor with an inbuilt cryptographic key that secures a computer. In simpler terms, it acts as a security alert for your computer, preventing hackers or viruses from gaining access to data.

A TPM is usually built into a device’s motherboard or manually installed on the CPU. Companies like AMD and Intel have assured that this technology is included in all recent processors; nonetheless, anyone using a PC from a few years ago may be missing out.

The TPM generates a unique code known as a cryptographic key each time you log in to your computer.

If no problem is discovered, the PC or laptop will start up normally; but, if the PC detects that your security has been breached, it will enter lockdown mode to prevent hackers from getting access.

How to enable TPM through BIOS mode?

Once you’ve gotten into your BIOS, you’ll probably have to seek and peck for an option to enable TPM.

Don’t give up if you can’t locate a TPM setting to enable; some contemporary PCs include TPM equivalents. Because my PC has an Asus motherboard with PTT, which is a firmware-based TPM alternative, I had to go to Advanced > Find PCH-FW Configuration to activate TPM.

If your BIOS doesn’t include a TPM toggle, read your motherboard’s documentation (or Google your exact motherboard model) to see if there is another TPM option.

Save and leave when you’re finished.

Restart the Health Check software, and your PC should now match the Windows 11 criteria.

Even though Microsoft’s PC Health Check software (which is particularly designed to evaluate if your PC fulfils the Windows 11 system requirements) says you’re good to go, Windows Update (located in Settings) may still suggest your PC doesn’t match all of the criteria to upgrade to Windows 11. I’m not sure why this gap exists, but it shouldn’t stop you from updating.

Go to Settings > Update & Security > Windows Security > Device security to see if TPM has been successfully activated.

Select Security processor information from the Security processor drop-down menu. TPM will be activated or disabled based on a set of parameters. In my situation, yes. (What is TPM in Windows 11)

After that, you may safely install Windows 11 on your computer. You may now use all of the features that Windows 11 has to offer.

Though activating TPM makes upgrading Windows 11 a little more complicated, it doesn’t need a lot of technical knowledge. The most critical thing is that your system already supports TPM 2.0.

Does my Computer have a TPM chip? How to check?

There are a few ways to see if your laptop or PC has a TMP chip, the first of which is to use the built-in TPM management tool in Windows.

To open a conversation window, just hit Windows+R at the same time. In the box, type tpm.msc and hit Enter.

You will have a TPM if your device displays a window regarding the TPM within your PC. The version number is displayed in the bottom-right corner, with Windows 11 requiring the TPM 2.0 option to function.

If the notice ‘Compatible TPM cannot be detected’ occurs, your PC does not have a TPM chip.

Difference between Hardware TPM vs. firmware TPM

The price of specialised TPM hardware has skyrocketed on the secondhand market since Windows 11. Prices have now been reduced, but it illustrates how much of a stir this regulation created. To run Windows 11, you don’t need to invest an extra $100.

Because Microsoft has enforced TPM on machines running Windows 10 for some years, this is primarily a problem for the DIY PC sector.

Although most motherboards from the previous few years do not include hardware TPM, they do provide firmware TPM. This type of TPM employs firmware installed elsewhere on your motherboard for authentication instead of a separate crypto-processor.

It then uses your CPU’s processing capability to perform cryptographic tasks. (What is TPM in Windows 11)

Because it is segregated from those other components in your PC, hardware TPM is more secure. The TPM can still operate even if one component or section of your PC is hacked.

Firmware TPM isn’t as secure as hardware TPM. It still serves the same purpose as hardware TPM but is more vulnerable to tampering because an attacker may theoretically modify firmware more readily than physical hardware.

The TPM you use doesn’t matter to Windows 11, as long as it meets the TPM 2.0 standard. You might activate firmware TPM through your motherboard’s BIOS if you constructed your own computer in the previous several years.