Windows 11 and enabling TPM 2.0

SpyderTracks

We love you Ukraine
So a lot of you will by now have received the notification in windows update that your device isn't eligible for Windows 11 because TPM 2.0 isn't available.

The good news is that most motherboards since 2016 have a firmware TPM built into the motherboard which you can switch on on a toggle setting in the BIOS

To access the BIOS, easiest way is through windows:



Then once your in the BIOS, all you have to do is find the fTPM or Firmware TPM or PTT and toggle it to on. This differs almost by motherboard, but certainly by manufacturer, but there's a brief summary of what to look out for below:

Gigabyte boards: https://chillblastassist.freshdesk....articles/79000125962-gigabyte-enable-amd-ftpm

Asus boards:

If you have any trouble, post below and we can help out.
 

RAYANDB

New member
I get this message when enabling TPM "Any change in the TPM in the BIOS or UEFI gives a fair warning that when the recovery key is lost or the BIOS ROM chip is replaced, the system will not boot into the OS, and data will stay encrypted and cannot be restored.
What is the Recovery Key?
 

SpyderTracks

We love you Ukraine
I get this message when enabling TPM "Any change in the TPM in the BIOS or UEFI gives a fair warning that when the recovery key is lost or the BIOS ROM chip is replaced, the system will not boot into the OS, and data will stay encrypted and cannot be restored.
What is the Recovery Key?
TPM activates encryption. If the computer fails and you need to get the hardrive booted kn another machine you need the code to unlock the encryption, that's what the code does.
 

Harag

Gold Level Poster
TPM activates encryption. If the computer fails and you need to get the hardrive booted kn another machine you need the code to unlock the encryption, that's what the code does.

Quick question. I've not going into the BIOS so not seen the message first hand. does the message display a recovery key I need to note down?
 

andmil72

Member
Thanks for this post. I have just updated TPM on both my AMD/Gigabyte PC and my Intel/ASUS PC. For others looking at this I will say that my BIOS menus were NOT exactly the same as those shown in the guides above, but the guides gave enough useful pointers for me to drill down and find the correct sub-settings to change to make the PCs Windows11 ready.

Once the BIOS was changed nothing else happened so I assume that disk encryption will not actually happen until Win11, and we will have the opportunity to set it up then.
 

SpyderTracks

We love you Ukraine
Thanks for this post. I have just updated TPM on both my AMD/Gigabyte PC and my Intel/ASUS PC. For others looking at this I will say that my BIOS menus were NOT exactly the same as those shown in the guides above, but the guides gave enough useful pointers for me to drill down and find the correct sub-settings to change to make the PCs Windows11 ready.

Once the BIOS was changed nothing else happened so I assume that disk encryption will not actually happen until Win11, and we will have the opportunity to set it up then.
There's no disk encryption unless you manually set it.

TPM purely stores across keys and tokens encrypted including encryption keys
 
Top