Windows 11 comes with strict system requirements, and if those are not met, you won’t be able to upgrade to the new Microsoft operating system. One of the compatibility limitations faced by many Windows 10 users is TPM. So if you are wondering what is TPM 2.0 and what makes it so important for Windows 11 installation, we have got you covered.
This guide will answer all your questions related to what is TPM 2.0 with respect to Windows 11.
What is TPM 2.0
Image Credit: Wikimedia Commons
So, what is TPM 2.0? Well, TPM is an acronym for Trusted Platform Module. It is a hardware chip on the motherboard that provides security to your computer. The device security and protection are provided at the hardware level, as it includes physical security mechanisms. You can carry out cryptographic functions like disk encryption and biometric authentication with the help of this cryptoprocessor chip present on your computer.
Now, the question is, ‘How does the Windows operating system use TPM?’
When you start your computer and it boots, the key stored in TPM is used to unlock the system drive. If the keys don’t match up, the system drive unlock is prevented, halting the entire boot process.
It takes the security of your Windows PC a notch higher. For example, outlook, Firefox, Chrome, and Bitlocker drive encryption uses TPM security.
TPM 2.0 is the latest version of TPM. The previous version was TPM 1.2. Most PCs after 2015 have TPM 2.0 in them.
Why does Windows 11 need TPM 2.0?
The older version of the Windows operating system supported TPM; however, it was not a compulsion to run the OS. So then, what is different now?
David Weston, the Director of Enterprise and OS Security, said in his blog post that “Requiring the TPM 2.0 elevates the standard for hardware security by requiring that built-in root-of-trust.”
Windows 11 will make it difficult for attackers and hackers to access your computer because of TPM 2.0. So, one needs to know and understand what is TPM 2.0. And this makes it essential to have this security chip on your computer to upgrade to Windows 11.
What is the difference between Hardware TPM and Firmware TPM?
The firmware TPM, widely known as fTPM, is available on many computers, mostly the one with Intel and AMD processors. The firmware TPM is not physically present on your computer; it is software code hardcoded inside the processor itself.
Intel’s Platform Trust Technology or PTT and AMD’s fTPM are famous for firmware TPM. The firmware TPM offers the same features and functionality as hardware-based TPM. You can use firmware TPM on low-cost and low-power devices, thus targeting many systems.
The only difference between these two types of TPM is one is hardware-based and therefore physically present on the motherboard, while the other is firmware-based.
If you find dTPM or Discrete TPM on your BIOS window, it means there is a slot to insert hardware TPM on your device. If you enable dTPM from BIOS but don’t have TPM hardware installed, the status will still show disabled. In such cases, you can activate firmware TPM.
Is Firmware TPM Compatible with Windows 11?
Yes, the firmware TPM is compatible with Windows 11. As mentioned above, there is no difference between hardware and firmware TPM when it comes to features and functionalities.
Even the apps, software, and operating systems do not consider any difference between them. Therefore, Windows 11 is compatible with firmware TPM; this includes Intel PTT and AMD’s fTPM. Consequently, you can enable, use and manage fTPM just like you do with hardware TPM.
Does my Computer have TPM?
You now know what is TPM 2.0. But, if you are unsure whether your computer has TPM and what type or version of TPM it has, you need to check it manually. There are different ways to check the TPM existence of any system.
1. Check via PowerShell Command
You can use the PowerShell command to check if TPM is present on your computer or not. This command will also tell you if TPM is enabled or not.
Press Windows key + X to open a quick link menu and click on “Windows PowerShell (Admin).”
When the PowerShell window opens, type the below command and press Enter.
You can check the TPM version in the ManufacturerVersion option. The above screenshot represents the output of firmware TPM.
If the TPM is not present on your PC, you will see False everywhere in the command output, as shown below. However, if it is present and disabled, it will be reflected in the output accordingly.
Make sure you check the command output correctly. If TPM is not present, you either need to add a TPM module to the device’s hardware or purchase a new system for Windows 11. You can refer to the sections below for more information on the same.
2. Use Trusted Module Package (TPM) Management Console
You can use the TPM Management console available on your computer to check the existence of TPM. This console is available irrespective of TPM availability.
Press Windows key + R to open the Run window and type “tpm.msc” there. Click “OK” to open the TPM Management console.
In the console window, check the Status; if it says ‘The TPM is ready to use,’ it means TPM is present and enabled on your device.
You can check the version of the TPM in the TPM Manufacturer Information section. However, if the TPM does not exist on your computer, you will see a ‘Compatible TPM is not found’ message on the management console.
You can use the Trusted Platform Module Management console to check the version and information related to TPM. However, you must avoid using it for configuring TPM, as Microsoft has stopped developing the console from Windows 10 version 1809.
3. Use Device Manager
Another simple way to check the TPM status and information is to use Device Manager.
Step 1: Press Windows key + X and click on “Device Manager” to open it. Alternatively, you can search for Device Manager in the Start menu and open it from there as well.
Step 2: In the Device Manager window, expand “Security devices,” you will see Trusted Platform Module 2.0 there.
If you cannot find Security devices, your computer does not have hardware TPM or firmware TPM.
Step 3: To find more details about TPM, right-click on it and select “Properties” from the context menu.
Step 4: In the Properties window, go to the “Details” tab and check the details about the TPM device.
You can also check other tabs for more information.
4. Use Command Prompt
The last method of checking TPM without entering BIOS is to use the Command Prompt terminal. If you are a Command Prompt fan, you will like this approach to finding TPM details.
Type “cmd” in the Start menu search box and click on “Run as administrator” for Command Prompt.
In the Command Prompt window, type the below command and press Enter to execute it.
wmic /namespace:\root\cimv2\security\microsofttpm path win32_tpm get * /format:textvaluelist.xsl
You will know if the TPM is activated, enabled, and the version with this single command. If you don’t have TPM on your device, there won’t be any output for the above command.
Once you have checked the status, version, and other details, you can enable TPM 2.0 from the BIOS.
Can I install a TPM chip on my Computer Manually?
You can install TPM hardware on your computer manually, but it is not an easy task. First, you need to check the BIOS version, motherboard, and other hardware components on your computer to install the correct TPM.
We recommend getting in touch with the manufacturer’s customer support and then install the TPM on your own. The motherboard manual can also help you with the version and other details. You may also need dTPM on your computer to plug in the TPM module. But, again, an experienced technician can help you with the installation.
An incorrect hardware installation can ruin your PC beyond repair. Therefore, we recommend doing it under an expert’s supervision.
Can you install Windows 11 without TPM 2.0?
Many Windows 10 users either have an older version of TPM or no TPM at all. In such a scenario, the question that arises in our mind is, ‘Can you install Windows 11 without TPM 2.0?’
The answer is ‘Yes, you can upgrade to Windows 11 without TPM 2.0,’ but you may miss out on security updates and patches in the future.
Even Microsoft does not recommend installing Windows 11 on a computer that does not meet the minimum system requirement. However, if you still want to take the risk and upgrade your computer, you can modify the registry and bypass the check.
After modifying the registry, you can reboot your computer and start with Microsoft Windows 11 upgrade on your Windows 10 computer.
Final Thoughts On What is TPM 2.0
TPM is a critical security feature required to perform Windows 11 upgrade. Therefore, Microsoft has made it mandatory to have TPM 2.0 on your computer. You can have firmware TPM like PTT and fTPM or hardware TPM, as Windows 11 works on both.
Fortunately, TPM 2.0 is primarily available on all devices that are manufactured after 2015. We hope this guide explains the buzz around what is TPM 2.0 and what it does. I’d encourage you to enable TPM on your computer if it is supported on your computer.