Windows 11 requires a Trusted Platform Module 2.0 (TPM 2.0) chip. TPM 2.0 is a dedicated chip for handling cryptographic tasks, which Windows 11 leverages for several of its security features. For example, Windows 11 uses the TPM 2.0 chip on your PC whenever you log in with your fingerprint or facial recognition. Windows Hello and when Data encryption.
What is TPM in Windows 11?
The term Trusted Platform Module (TPM) refers to an international standard that describes the specifications of a microprocessor dedicated to performing security tasks and any chip that complies with those standards. When you hear that a computer has a TPM, it means that the computer contains a chip that meets the TPM standards, or that it contains firmware that allows the main CPU to perform the same functions. In most cases, the TPM chip will be found installed directly on the motherboard of a PC, but you can also add a TPM to your computer by installing an expansion card.
The TPM standard itself was developed by a consortium of technology companies that included computer manufacturers such as IBM and HP, chip manufacturers such as Intel, and software companies such as Microsoft. The group released TPM 1.0 in 2001, which was updated to TPM 1.2 in 2009, and TPM 2.0 in 2014.
The idea behind the TPM standard is that it ensures that any computer equipped with a TPM chip is capable of performing specific security tasks. For example, a TPM-compliant chip must, among other things, have a random number generator. It must also be able to generate encryption keys and encrypt and decrypt data.
What is TPM 2.0?
TPM 2.0 is a version of the TPM standard released in 2014 and was the latest version of the standard when Windows 11 was released. The term also refers to chips that comply with the standard. When you hear that a computer requires TPM 2.0, it means it needs a chip or firmware that complies with the TPM 2.0 standard.
TPM 2.0 is capable of performing a variety of cryptographic tasks, such as data encryption, decryption, and device authentication. On computers with TPM 2.0 firmware instead of a dedicated TPM 2.0 chip, you can typically enable TPM 2.0 in the UEFI.
Since TPM 2.0 was introduced in 2014, computers built before that date don't have it. However, it's possible to add TPM 2.0 to a computer by installing an expansion card. It's also possible to emulate TPM 2.0, which is how you can run Windows 11 on a Mac using Parallels.
What does TPM 2.0 do in Windows 11?
TPM 2.0 performs many security-related functions in Windows 11, and it starts the moment you turn on your PC. During the process, Boot Windows 11 uses a TPM chip to verify the integrity of the operating system before Windows boots. If it detects irregularities, it stops the boot process and allows you to repair Windows to avoid loading an operating system that may have been modified without your knowledge.
The TPM 2.0 chip also plays a role in the Windows sign-in process if you use Windows Hello. The chip is instrumental in encrypting and storing your biometric data, which consists of your fingerprint or facial scan, and verifying this record when you attempt to sign in to Windows.
Once you log in to Windows 11, TPM 2.0 allows antimalware programs to verify the integrity of Windows 11 in the same way that a system is scanned during the boot process. Since malware doesn't begin running until Windows loads, or is loaded alongside Windows, this can allow antimalware programs to Malicious software Identify and eliminate rootkits and other malware.
How to check if your computer has a TPM
If your PC was built after 2014, it may have TPM 2.0. If it was built more recently, within the last few years, it likely has this feature. If you're not sure, the easiest way to find out is to run a Windows 11 compatibility check.
You can also check to see if you have a TPM in Windows Settings by going to Update & Security > Windows Security > Device Security. Look for the specification version, which will say 1.0, 1.2, or 2.0 if you have a TPM. If you don't have a TPM at all, the Security Processor Details section will be blank.
What to do if you don't have TPM 2.0
If your PC doesn't have TPM 2.0, you should continue using Windows 10. There is a workaround that allows you to install Windows 11 on a PC without TPM 2.0, but it isn't secure. Microsoft will not provide updates and support for users who use the bypass method to install Windows 11 on a PC that lacks TPM 2.0. Many of Windows 11's security features will also not work, so using the bypass method makes you inherently less secure both immediately and in the future.
You can add TPM 2.0 to a computer that doesn't have it via an expansion card if you can locate a compatible motherboard. If you go this route, you can install the card and then enable TPM 2.0 in the BIOS or UEFI. Before doing so, it's worth checking to see if your computer already supports TPM 2.0 firmware. You can do this by loading the UEFI and checking to see if there's an option to enable TPM 2.0.
After installing or enabling TPM 2.0 in your UEFI, you can upgrade to Windows 11 without any problems. However, if you can't add TPM 2.0 to your system, it's best to stick with Windows 10 as long as Microsoft continues to support it.
Frequently Asked Questions:
Q1: How do I enable TPM 2.0?
The answer: You can enable the TPM—or verify that it is enabled—by entering the UEFI/BIOS during startup. You can find the TPM in Advanced or Security. The "On" setting for the TPM is "employment" Or "Maybe" Or Firmware TPM module , depending on your computer model.
Q2: How do I install Windows 11 without TPM?
The answer: The TPM is an important part of Windows security. Therefore, you shouldn't install the operating system without it unless your computer has the chip. You can perform a workaround, but be aware that it poses a risk to your computer and the Windows operating system. In the Registry Editor, type HKEY_LOCAL_MACHINE\SYSTEM\Setup , then right-click Setting > New > Key .And name the new key LabConfig. Then, right-click the key and select New > DWORD (32-bit) . And set the values for Bypass TPM Check و Bypass RAM Check و Bypass Secure Boot Check To 1After that, you should be able to install Windows 11.
