Only after Microsoft launched its Microsoft Windows 11 reveal this week that the company has released System requirements for its software update. And under RAM recommendations and recommended gigahertz (GHz) there is a curious acronym: TPM.
Trusted Platform Module or TPM is a secure crypto processor that secures a computer using an integrated cryptographic key. But basically, it’s like a security alert for your computer to prevent hackers or malware from accessing your data. And it will be necessary for Windows 11.
That means anyone with older computers, or even newer PC builders, may need to take some extra steps to get Windows 11 to work on their computers.
What is a TPM and how does it work?
There is software security and hardware security. Software security is an effective way of preventing hackers from breaking into a system. However, because software is inherently more malleable – its code can be modified – there is always a chance that a sophisticated hacker or exploit that gives hackers access to sensitive information will be found.
Hardware security, as the name suggests, is hard-coded. The cryptographic keys cannot be changed unless the hacker knows exactly what these keys are in advance.
“PCs of the future need this modern hardware root-of-trust to protect themselves from common and sophisticated attacks like ransomware and more sophisticated attacks by nation states,” said David Weston, director of enterprise and OS security at Microsoft in a blog entry. “The TPM 2.0 requirement raises the standard for hardware security by requiring this built-in root-of-trust.”
The TPM chip communicates with other security systems within a PC. Whether it’s a fingerprint reader or Windows Hello facial recognition, everything has to be coordinated with the TPM to allow users access.
And not only do your security systems use a TPM, programs like Outlook, Firefox and Chrome also use it.
Does my computer have TPM?
There are several ways to verify that your current computer has a TPM. The easiest way is to go to the start menu, Find Windows Security, and Click Device Security in the left column. Another window will appear there, indicating whether a TPM is installed on your device. It should say Security processor, with a small green check mark next to the icon. If this security processor icon is not present, a TPM is not installed.
Scroll through the gallery below to see all of the steps.
If you don’t see anything, you can also quickly check that a TPM is installed: Type run in the search bar, and then Enter tpm.mscm and press Enter.
That should bring them Trusted Platform Module (TPM) Management on Local Computer window. If you see “Compatible TPM cannot be found”, your computer either does not have a TPM or has TPM 1.2 but is not enabled in the BIOS.
Unfortunately, even if you can enable TPM 1.2 in the BIOS, Windows 11 requires TPM 2.0.
One final way to verify is to check is Download the PC Health Check app from Microsoft. After the installation, the program will tell you whether your computer is ready for Windows 11.
What to do if you don’t have a TPM 2.0
For desktop users who may not have TPM 2.0, you can add functionality by purchasing a compatible module for your motherboard. To do this, you need to search for your motherboard model and see if the manufacturer has ever released a compatible TPM.
Also, TPM prices seem to have increased since Windows 11 was released. A Asus TPM, which sold for $ 14 on Amazon, has sold out since that release and is selling for more than $ 40 in the second-hand market. Some manufacturers have also stopped producing TPMs, but it is likely that production will restart in light of the recent surge in demand.
If you can get a compatible module, all you have to do is find the TPM pins on your motherboard and plug them in. Remember to go into the BIOS menu and enable it as well.
Now, if you have a more modern CPU built after 2014, the chances are that TPM is already there. Modern CPUs contain TPM via firmware. Intel uses Platform Trust Technology (PTT), while AMD Ryzen chips use fTPM.
The steps to enable this in the BIOS vary depending on the manufacturer. However, in general, users have to restart their PC and press the Delete key repeatedly until the BIOS menu appears. From there, users may have to switch to advanced menus to find the TPM selector. The firmware TPM can be activated from there.