What Is TPM?
TPM stands for “Trusted Platform Module.” It’s a technology designed to give your PC robust hardware-based security. This chip helps your computer generate, store and limit the use of encryption keys and other security credentials on your device.
How Does TPM Work?
The TPM module on your laptop plays a powerful role in keeping your PC safe. Here are a few examples of how it works to secure your device:
Your TPM chip can combine with software to protect your system from hacking or exploitation. Using the TPM, your hardware protects any passwords or encryption keys sent in unencrypted form. Besides that, it can sense unexpected changes to your system. If they were caused by a virus or malware, your TPM chip goes into quarantine mode and helps your computer fight the threat.It can also store your certificates, security credentials and encryption keys, which is a more secure option than password managers on your hard drive.Your TPM module can mimic a virtual smart card, protecting your private keys from being copied and used elsewhere to access your device.If you use the TPM to enable BitLocker Drive encryption, the chip will run conditional tests to ensure safety when booting up. If your TPM senses a change in hard drives, as with theft, it locks up the system.
What Are the Types of TPM?
Manufacturers implement TPM functionality differently in their devices, making it essential to know what type of TPM your device has to understand how it works and how to activate or deactivate it. There are five different types of TPMs. Let’s look at them below.
Discrete TPMs – These are dedicated, tamper-resistant semiconductor chips physically installed on your PC’s motherboard. These modules implement TPM functionality in the most secure way and are what Microsoft expects your device has to support Windows 11.Integrated TPMs – Integrated TPMs are physical chips, too, but they come as part of another chip on your motherboard. While not as tamper-resistant as discrete TPMs, they use hardware that resists bugs in your software.Firmware TPMs (fTPM) – Unlike any of the above options, Firmware TPMs (fTPMs) are firmware-based. They run in your CPU’s trusted execution environment to give you similar security as hardware TPM versions.Hypervisor TPMs (vTPM) – A hypervisor TPM requires a virtual environment to work. That makes it easy for you to install Windows 11 in a virtual machine, where a vTPM runs in an isolated execution environment hidden from the software.Software TPMs – A software TPM emulates the functionality of a discrete TPM but with no better protection than a regular program can offer. Software TPMs are the least secure, as they are vulnerable to bugs and malicious attacks.
Why Is TPM 2.0 a Requirement in Windows 11?
As technology evolves, so do threats to the security and privacy of your data. The TPM 2.0 standard is Microsoft’s way of helping you protect your identity and secure your data from intrusion. For example, you’ll need to have TPM 2.0 to run Windows Hello and activate BitLocker encryption for your hard drive. Since 2016, many manufacturers have shipped PCs capable of running TPM 2.0, but some PCs capable of running this module aren’t set up to do so. That’s why we recommend checking your device for TPM compatibility before installing Windows 11.
How to Check Whether Your Device Has TPM 2.0
There are three ways to check whether your laptop has TPM 2.0 installed and will support Windows 11.
1. Use the Microsoft PC Health Check App
The fastest way to determine whether your PC can support Windows 11 and has TPM 2.0 is by using the PC health check app utility. Follow the directions below. If your computer is incompatible with Windows 11, it will show you how and why. It will also give you information on your battery capacity, update status and storage capacity.
2. Run the Trusted Platform Module Test
Another excellent way to check your TPM version is to use the tpm.msc command.
3. Use the Windows Security App
You can also use the Windows security app to check for TPM 2.0.
How to Bypass TPM 2.0
What if your TPM version is below 2.0? Can you still install Windows 11 on your device? Yes, you can. You can bypass the TPM 2.0 requirement safely without compromising your device. Here’s how to go about it.
1. Add a New Registry Value Using Regedit
Microsoft developed this tweak, so you can be sure of its reliability. That doesn’t mean it endorses or supports installing Windows 11 on devices that don’t meet its requirements, though. Here’s how to go about it: Your PC can now upgrade to Windows 11.
2. Modify the Registry on a Fresh Windows 11 Install
Another way to do it is to modify the registry after beginning a fresh Windows 11 Install.
3. Use Rufus to Bypass TPM 2.0
You can use the Rufus utility to create a bootable USB with settings that disable TPM requirements. This setting also disables RAM and CPU requirements, essentially making your installation media compatible with almost all devices that fall short of Microsoft’s requirements. This method requires you to use a flash drive that’s at least 16GB in size. Once done, you can use this drive to install Windows 11 on your older PC or virtual machine.
1. Can I install a new TPM chip on my PC?
Yes you can, but you must have a compatible motherboard. Most laptops manufactured after 2016 come with either discrete or integrated TPMs. Since laptop motherboards are harder to upgrade, you might not add a chip to yours. If you have a compatible desktop motherboard, you can install a physical TPM chip on it. Most desktop PC motherboards have this option. Unless you have intermediate or expert experience with computer hardware, we recommend you contact an expert if you need to make this upgrade.
2. How much does a TPM chip cost?
In many cases, TPM chips don’t cost more than $29, but when Microsoft announced this requirement, the price rose sharply to about $199. Now that the heat has died down (and you can circumvent the TPM requirement anyway), they should be back to normal pricing.
3. Does Windows 10 use TPM 2.0?
Yes it does, although it wasn’t a hard-floor requirement on this Windows version. Since Windows 10, Microsoft takes full control of the TPM module to ensure your system stays secure.
Final Thoughts
Now that you know how to bypass the TPM 2.0 requirement, you can install Windows 11 on your device. Although you’ve worked around these restrictions, you many want to get a compatible PC anyway. Microsoft doesn’t like is new OS on devices that don’t meet requirements. While it won’t stop you from doing it anyway, the user agreement protects Mircosoft from any damage your PC may incur as a result of using Windows 11. Also, the agreement takes away any obligation to issue updates to your device. A compatible device keeps you within Microsoft’s good graces, and you’ll enjoy full support for your Windows 11 installation. Read on to learn how to convert legacy BIOS to UEFI in Windows 10.