Trusted Platform Module and Windows 11

What is a TPM? Why Windows 11 Requires TPM

Microsoft’s Windows 11 requires the Trusted Platform Module, a previously unknown PC security component (TPM). This might be a problem if you wish to build your own PC running Windows 11 or update an older PC running Windows.

The question “Do I have a TPM that works with Windows 11?” can be a little hard unless you know how to check it. Those who have bought a computer in the last several years have better odds than not getting a positive response. Everyone else who wishes to upgrade to Windows 11 may find the approach more challenging, especially if they have developed or modified their own Windows desktop.

If you want to enable TPM for your windows, click here to check the process

trusted platform module

What Is a TPM?

The Trusted Platform Module (TPM) is a tiny chip that isn’t often situated alongside the main CPU and RAM on the motherboard of your computer. The chip is analogous to the keypad used to deactivate a home security system or the authenticator app used to access a mobile banking app. Assuming that turning on your computer is analogous to opening your front door, logging in requires the same kind of identification as inputting your username and password. If you don’t input a code promptly, alarms will go off or you won’t be able to get your money.

While this is the very minimum for how modern TPM systems function, they are capable of so much more. In actuality, many PC programmes and other features continue to make use of the TPM long after the operating system has booted. Email programmes like Outlook and Thunderbird use TPM to handle encrypted or key-signed correspondence. The TPM is also utilised by Firefox and Chrome’s web browsers for some more complicated duties, like maintaining track of websites’ SSL certificates. TPMs are utilised in a variety of non-PC consumer products, such as printers and Internet-connected home devices.

Asus Trusted Platform Module (TPM)

How to check about TPM availability in your PC

There are a few ways to determine whether your current system has a TPM. The quickest way to accomplish this is by clicking the Start button, entering “Windows Security” into the search field, and then clicking “Device Security” in the results. If your device has a TPM installed, a new window will pop up there instead. We recommend putting a little green checkmark next to the emblem, close to the words Security processor. If there is no symbol for a security processor, then there is no TPM installed.

As a consequence, you should see the window labelled Trusted Platform Module (TPM) Management on Local Computer. If you see “Compatible TPM cannot be identified,” either your computer doesn’t have a TPM or the BIOS hasn’t enabled the TPM 1.2 chip.

Windows 11 link with TPM

There is extensive support for TPMs in both Windows 7 and Windows 10. Laptops and workstations built for use in large corporations with strict IT security requirements have been the leading adopters. TPMs have replaced the cumbersome smart cards formerly issued by IT departments to employees. Smart cards are inserted into a slot or tapped against a built-in wireless scanner to verify the integrity of the system.

TPMs may be used as a viable alternative to the conventional security features included in Windows computers. Since July 2016, Microsoft has required (Opens in a new window) TPM 2.0 capability on all new PCs running any desktop version of Windows 10. (Private, Business, Organizational, or Academic) Windows 11 is similarly limited to TPM-enabled PCs.

Windows 11 features restricted by TPM

Another issue with the TPM 2.0 requirement in Windows 11 is that Microsoft may follow Apple’s example and introduce even more stringent limitations on how TPMs may be used to protect devices in future Windows versions. Examples of this include the T2 chip allowing for fingerprint recognition and enhanced image signal processing, neither of which are available on non-T2 chip equipped Apple laptops. Windows Hello face recognition is only one feature of Windows 10 that is vulnerable to this issue.

Trusted platform module

Microsoft may further divide the Windows experience with Windows 11 and next TPM versions. This would include bringing in more TPM-required functionality as well as locked-down versions of Windows similar to the existing Windows 10 S Mode. This won’t be a problem for the majority of users, but if you’re intending to update to Windows 11, keep this in mind. Purchasing a suitable module for your motherboard is one option to add the capability for desktop users who may not have TPM 2.0. You’ll need to look up the model of your motherboard to check whether the maker has ever developed a TPM that works with it.

Additionally, it seems that TPM costs have gone up since the release of Windows 11. As of the time of publication, an Asus TPM (opens in new tab), which was listed on Amazon for $14, had sold out and was fetching over $40 on the secondhand market. TPM manufacturing has also been halted by some manufacturers, but given the current spike in demand, it’s possible that it may resume.

Manufacturer-specific instructions for enabling this in BIOS may differ. However, users will often need to restart their computer and keep pressing the Delete key until the BIOS menu opens. The TPM option may then need to be found by users navigating through more complicated menus. The firmware TPM may then be activated from there.

 

Azhar Ali Buttar has 20 years of experience working in different domains within IT industry. From network protocols to server hardening, he knows about multiple areas and has been working side by side with MNCs to provide cost-effective security and infrastructure solutions. Azhar’s expertise lies in off-site and hybrid infrastructure deployment using multiple platforms which includes, but not limited to, Azure, AWS, Google and Private Clouds. He has also been leading several infrastructure and security teams to deploy and perform security optimization in multiple projects, and now leads Nocastra with his decision-making and client-oriented skills.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.