ION HowTo

Check PC-Windows 11 required TPM 2.0

Check if your PC has TPM 2.0 compatible with Windows 11

by

Dragos Ion
in , , , , ,

How to tell if pc has tpm 2.0 compatible with Windows 11 requirements.

Windows 11 requires TPM 2.0 or it will not install. Other software vendors might follow Microsoft allowing only their software to run only on tmp 2.0 enabled computers. Secure boot and TPM 2.0 might soon become a requirement for many programs.

TPM 2.0 stands for Trusted Platform Module version 2.0 and the tpm chip can be used for encryption and the BitLocker.

Generally these CPU generations should be ok to use:

  • any Intel CPU made after 2017, 8’th generation Intel and higher;
  • any AMD CPU made since 2018; AMD Ryzen 2000 series Zen+ and higher.

There are a few ways to check the TPM status on your PC. Any of these should help you find if tpm 2.0 is available for Windows 11 on your PC or laptop.

Windows 11 Free Upgrade

Enable TPM 2.0 on Asus UEFI Bios Video

Enable TPM 2.0 on Virtual Machine

Settings App

Start Menu > Settings > Seearch for Security Processor > click on Security Processor Troubleshooting

A windows will show you the status.

Security Processor Troubleshooting – firmware update needed
Security Processor Troubleshooting – clear tpm

On my PC before enabling firmware tpm, there was no tpm information. Even after enabling tpm 2.0 and confirming it works with the other methods. Here in Windows 10 it didn’t work. Might show some info in Windows 11 or if you enable BitLocker.

On the same PC before enabling firmware tpm, there was no tpm information.

Security processor troubleshooting Ryzen 3 3700x unsupported MB

The management console

Windows Key + R to run a command.

Type tpm.mmc and press enter.

if that doesn’t work, type mmc, press enter > add /remove snap-ins and look for TPM > click add > for local computer > press ok.

You can see in the photo bellow the TPM is ready to use but the TPM version 1.2 is not what Windows 11 needs. It needs to be tpm 2.0 at least.

tpm.mmc Shows old TPM version 1.2

When tmp 2.0 is present it should look like this. This is firmware tpm 2.0 active on Asus Prime x570-p MB and Ryzen 3 3700x CPU. The Motherboard also has a discrete spi tpm module slot for future upgrades luckily. Other boards might not have tmp at all.

tpm 2.0 is available – firmware tpm AMD CPU Ryzen 3000 series

Powershell

In powershell, you open a new windows as administrator.

Powershell command:

get-tpm

Here you can see TPM 1.2, no TPM 2.0

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\WINDOWS\system32> get-tpm


TpmPresent                : True
TpmReady                  : True
TpmEnabled                : True
TpmActivated              : True
TpmOwned                  : True
RestartPending            : True
ManufacturerId            : 12xxxxxxxxx
ManufacturerIdTxt         : IFX
ManufacturerVersion       : 6.40
ManufacturerVersionFull20 : Not Supported for TPM 1.2
ManagedAuthLevel          : Delegated
OwnerAuth                 :
OwnerClearDisabled        : False
AutoProvisioning          : Enabled
LockedOut                 : False
LockoutHealTime           : Not Supported for TPM 1.2
LockoutCount              : Not Supported for TPM 1.2
LockoutMax                : Not Supported for TPM 1.2
SelfTest                  : {128, 0, 1, 255}



PS C:\WINDOWS\system32>

TPM not available at all because it’s disabled in the UEFI BIOS.

TPM 2.0 missing Asus X570-P Ryzen 3 3700x unsupported MB

After enabling firmware tpm, it is recognized as valid tpm 2.0 module.

Powershell shows tpm 2.0 is available – firmware tpm AMD CPU Ryzen 3000 series

Device Manager

Right click on the start menu > Device Manager.

You can use the Device manager to view the TPM version in Security Devices > expand to see the TPM and version if any.

Device manager TPM version in Security Devices

When a valid tpm 2.0 module is installed it should looks like this in device manager.

Device manager shows tpm 2.0 module is installed

UEFI Firmware settings

The TPM might be disabled on your PC from the UEFI firmware.

The BIOS/UEFI menus can be different but the tpm settings are found in the security section most of the time.

Restart in recovery mode to check UEFI settings.

Start Menu > Settings > Recovery > in Advanced Startup click Restart now

On blue menus screen:

  • Choose an option > Troubleshoot (restart your PC to see advanced options)
  • Click Advanced options
  • Click UEFI Firmware Settings (change settings in your PC’s UEFI firmware)
  • Click Restart button.
  • PC restarts.
  • Find Security Settings.
  • Enable TPM if it’s disabled.
  • Exit saving and Restart.

TPM requirements are there for security reasons mostly.

It hardens the security of your system.

Windows 11 allowed for a while but in general, you should avoid installing Windows 11 on old systems until Microsoft provides an alternative or hardware can be upgraded to suppot tpm.

Fb Pi Tw Wa Tw Go Em Re

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.