Share this Article

What is TPM? And Why Do I Need One for Windows 11?

Facebook
Twitter
LinkedIn

When Microsoft announced the Windows 11 operating system last year, the accompanying system requirements came with it something different from the usual needed specifications for RAM, CPU, and free disk space: TPM. Never had a new release of the Windows operating system required TPM, and Windows 11 marks the first time this module is required. And as we’ll, see it’s the one requirement that’s frustrating users of older computers and preventing them from installing Windows 11.

What is TPM?

TPM stands for Trusted Platform Module. It’s a piece of chip that’s built into your computer’s motherboard. So, no – you cannot get TPM by simply downloading it. For the most part, either your computer comes with TPM or it does not. Certain computer mother boards may have a TPM header. This will allow the option for the user to purchase a TPM chip by itself, installing it into the motherboard, and thus allowing compatibility with Windows 11 where there was previously none. However, for most users, the easiest way into getting Windows 11 is to simply purchase a new computer that already has the new operating system preinstalled.

What does TPM do?

The underpinning for everything security related in the computer world is encryption. In simple terms, encryption is a way of scrambling data so that only authorized parties can understand the information. Operating systems encrypt data through means of software algorithms. Even without the user knowing, encryption happens in the background fairly regularly. From sending emails, to hitting a “submit” button on a website, encryption happens instantaneously and seamlessly to help ensure private data remains private.

However, software encryption can only go so far – it’s still possible to defeat this software-based encryption – and this is where TPM comes in. TPM allows for hardware-based encryption that is significantly more difficult to defeat. TPM allows for enhanced level of cybersecurity, and Windows 11 requires this module to be in place before it can be installed on a computer.

Does My Computer Have TPM?

There are several methods to check if your current machine as TPM preinstalled. Below is the easiest way to determine the presence of a TPM chip on a computer.

Checking for TPM under windows
In the Windows search bar type tpmmsc and run the Microsoft Common Console Document application as shown above
  1. In your Windows search bar, type tpm.msc and click on the application that appears, Microsoft Common Console Document.
  2. In the resulting window, one of two messages will appear whether or not a TPM chip is found in your system
    1. TPM is ready for use –  under TPM Manufacturer Information, you should also see Version 2.0. If this is what you see, congratulations! Your PC is ready for Windows 11!
    1. Compatible TPM module cannot be found – this status either indicates the complete absence of a TPM chip or there may be a TPM chip, but it needs to be enabled in the BIOS. Refer to your computer’s manufacturer for instructions on how to enable TPM within your computer’s BIOS settings.
No TPM chip found
There still might be hope even if a TPM chip is not found

TPM 1.2 to 2.0

If the steps above indicate you have TPM 1.2, you may be able to upgrade the TPM firmware to the required version 2.0. However, not all TPM 1.2 chips are upgradeable to version 2.0. Again, check with your computer’s manufacturer which upgrade path is possible for your PC.

What to do if you don’t have TPM 2.0 installed

Certain motherboards found in desktop computers may have a header that allows for the installation of a TPM chip. Refer to your computer motherboard’s manufacturer to see whether or not the installation of a TPM chip is possible. There are several different kinds of TPM chips available in the market, so make sure you get one that is compatible with your motherboard

Bypassing TPM Requirement for Windows 11

Older machines, typically those built before 2014 are all but guaranteed not to have or are even capable of being installed TPM. However, this does not necessarily mean that users of older hardware are held back from experiencing Windows 11. The process involves inserting a couples values within Registry Editor during the first step of the Windows 11 install process.

Note: However, it should be noted that users who perform the following steps do so at their own risk. The procedure below bypasses the TPM requirement check to allow the installation of Windows 11. This obviously negates the new security features of Windows 11, and users who do this are advised to exercise caution.

Windows 11 setup screen
Windows 11 Setup Screen
  1. Boot off your Windows 11 install disk.
  2. During Windows 11 Setup Screen (shown above), press SHIFT + 10
  3. This will take you the command line, type regedit to launch the Registry Editor
  4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\Setup
  5. Under Setup, create a new registry key and name it LabConfig
  6. Within LabConfigcreate DWORDs values called BypassTPMCheck and BypassSecureBoot and assign each a value of 1
  7. Close the Registry Editor and proceed to the rest of the Windows 11 process as usual.