IT Support Forum
    What is TPM 2.0 and why is it required?
    Mwebesa Norman

    @norman
    Updated: Dec 29, 2025

    In June 2021, Microsoft confirmed that TPM 2.0 is a mandatory hardware requirement for Windows 11. Many users only discovered this when their upgrade check failed.

    The Trusted Platform Module is not a new component, but its enforcement in consumer systems caught attention. Most motherboards built after 2016 include TPM 2.0, but some systems ship with the feature disabled.

    If you've never heard of it before, you're not alone. TPM stayed quietly in the background until this moment forced it to the forefront.

    What Is TPM 2.0?

    The Trusted Platform Module (TPM) 2.0 is a dedicated chip or firmware component installed on a computer’s motherboard. It securely stores cryptographic keys, passwords, and certificates.

    TPM can exist as a discrete hardware unit or as an embedded firmware implementation (fTPM) built into the processor. Most modern Intel and AMD platforms support at least one of these types by default.

    It operates as a security anchor during boot-up, performing authentication tasks before the operating system even loads.

    TPM 2.0 enables features like BitLocker drive encryption, Secure Boot, and hardware-level credential protection. Think of it as a security vault that your system silently consults every time it starts.

    Why TPM 2.0 Is Required for Windows 11

    Microsoft introduced TPM 2.0 as a baseline requirement to establish a consistent security foundation across all Windows 11 devices. The goal centers on trust at boot time and integrity during runtime.

    TPM 2.0 enables measured boot, where the system measures firmware, boot loaders, and core drivers before they execute.

    This process records cryptographic measurements that security services later validate.

    In addition, Windows 11 relies on TPM 2.0 for credential isolation—features such as Windows Hello store biometric data inside protected hardware memory rather than general system storage.

    On top of that, TPM supports BitLocker encryption by safeguarding disk encryption keys. This allows encrypted drives to unlock only when the system state matches expected values.

    You benefit directly from this when devices change hands or leave controlled environments.
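
    A simplified software model of the two ideas above, added here as an example and not taken from the post or from Microsoft: each boot component's hash is folded into a running value (the TPM "extend" operation), and a sealed key is released only when that value matches the one recorded earlier. The component names and the function names are invented for illustration, and no real TPM is accessed.

```powershell
# Simulation only: models the PCR "extend" rule in software; it does not talk to a TPM.
$sha256 = [System.Security.Cryptography.SHA256]::Create()

function Measure-BootChain {
    param([string[]]$Components)
    [byte[]]$pcr = [byte[]]::new(32)                 # a PCR starts as all zeros after reset
    foreach ($c in $Components) {
        # Measurement of the component that is about to run
        $digest = $sha256.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($c))
        # Extend: new PCR = SHA-256(old PCR || measurement). The register can only be
        # extended, never set directly, so its final value depends on every component
        # and on the order in which they were measured.
        $pcr = $sha256.ComputeHash([byte[]]($pcr + $digest))
    }
    return [System.BitConverter]::ToString($pcr).Replace('-', '').ToLower()
}

# Constructed sample boot chain (placeholder strings stand in for real binaries)
$goodChain = 'firmware v1', 'bootmgr v1', 'winload v1'

# "Sealing": the disk key is bound to the PCR value seen on a known-good boot
$sealedTo = Measure-BootChain $goodChain

function Test-Unseal {
    param([string[]]$Chain)
    # The key is released only if the current boot produced the same PCR value
    return (Measure-BootChain $Chain) -eq $sealedTo
}

'Unchanged chain      : ' + (Test-Unseal $goodChain)
'Modified boot manager: ' + (Test-Unseal 'firmware v1', 'bootmgr MODIFIED', 'winload v1')
'Same parts, reordered: ' + (Test-Unseal 'bootmgr v1', 'firmware v1', 'winload v1')
```

    Only the unchanged chain reproduces the sealed value. On a BitLocker-protected device, a firmware or boot loader change triggers recovery for the same reason.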

    Microsoft formalized these requirements in June 2021 to align consumer systems with enterprise security standards.

    How to Check if Your System Has TPM 2.0

    Step-by-Step: Use TPM.MSC to Check TPM Status

    1. Press Windows + R to open the Run dialog.

    2. Type tpm.msc and hit Enter.

    3. This launches the TPM Management Console, a built-in Windows utility.

    4. Wait for the “Status” field to populate. It may take a few seconds.

    5. Look for the TPM version in the “TPM Manufacturer Information” panel at the bottom.

    How to Interpret What You See

    If the console says “The TPM is ready for use,” and the listed version is 2.0, then your system meets the Windows 11 TPM requirement. No action is needed.

    If you see “Compatible TPM cannot be found”, it doesn’t necessarily mean your system lacks it. On some machines, TPM exists but is disabled at the firmware level.

    You can verify this by rebooting and entering the BIOS or UEFI setup (usually by pressing Del, F2, or F10 at startup). Look under the Security, Advanced, or Trusted Computing tabs for options such as Intel PTT or AMD fTPM. If present but disabled, enable it and restart.

    On top of that, specific older systems may only support TPM 1.2. This version appears in the same panel and, although functional, does not satisfy Windows 11’s strict criteria.

    Knowing where to look helps avoid confusion. Before assuming your device is unsupported, confirm whether the TPM is missing or disabled.
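
    A scripted equivalent of the tpm.msc check, added here as an example and not part of the original post, for when several machines need checking. It uses the built-in Get-Tpm cmdlet and the Win32_Tpm CIM class and must run in an elevated PowerShell session; the function name Resolve-TpmVerdict and its messages are made up for illustration.

```powershell
# Run from an elevated (Administrator) PowerShell prompt on the machine being checked.

function Resolve-TpmVerdict {
    param(
        [bool]$Present,        # Windows can see a TPM
        [bool]$Ready,          # TPM reports it is ready for use
        [string]$SpecVersion   # e.g. "2.0, 0, 1.59" or "1.2, 2, 3"
    )
    if (-not $Present) {
        # Same situation as "Compatible TPM cannot be found" in tpm.msc:
        # the TPM may be absent OR simply disabled in firmware.
        return 'No TPM visible to Windows: check firmware setup for Intel PTT / AMD fTPM before assuming it is missing'
    }
    if ([string]::IsNullOrWhiteSpace($SpecVersion)) {
        return 'TPM present but specification version could not be read'
    }
    # First field of SpecVersion is the TPM specification family
    $major = ($SpecVersion -split ',')[0].Trim()
    if ($major -ne '2.0') {
        return "TPM $major present: works, but does not meet the Windows 11 requirement"
    }
    if (-not $Ready) {
        return 'TPM 2.0 present but not ready for use'
    }
    return 'TPM 2.0 ready for use: meets the Windows 11 TPM requirement'
}

$tpm  = Get-Tpm
$spec = ''
if ($tpm.TpmPresent) {
    # SpecVersion is exposed by the Win32_Tpm class rather than by Get-Tpm
    $spec = (Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                             -ClassName Win32_Tpm).SpecVersion
}

Resolve-TpmVerdict -Present $tpm.TpmPresent -Ready $tpm.TpmReady -SpecVersion $spec
```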

    Enabling TPM 2.0 from BIOS/UEFI Settings

    Accessing the Firmware Interface

    1. Reboot your computer.

    2. During startup, press the key for BIOS or UEFI setup. This varies but is usually Del, F2, F10, or Esc.

    3. Once inside, use keyboard arrows or mouse (if supported) to navigate.

    4. Open the Security or Advanced tab, depending on your system.

    5. Look for entries labeled TPM, PTT, or fTPM.

    6. If found and set to Disabled, change it to Enabled.

    7. Save changes and exit. This is typically done using F10.

    8. Let the system restart normally.

    Interpreting What You See in BIOS

    Intel platforms usually refer to TPM as Platform Trust Technology (PTT). AMD systems label it fTPM, short for firmware TPM. Both perform the same cryptographic role.

    Some systems also offer a Physical TPM toggle. That refers to a separate chip installed on the motherboard. Most consumer laptops only use firmware-based TPM.

    In addition, specific business-class devices include a setting for TPM State and TPM Clearing. Leave those untouched unless explicitly prompted by IT support.

    If you're unable to locate the TPM setting, your BIOS may hide advanced menus by default. Check your device manual or support site for steps to unlock full firmware controls. (You’ll be surprised how often that gets overlooked.)

    Once enabled, TPM 2.0 becomes active without additional setup. Windows recognises it automatically on the next boot.

    What If Your PC Does Not Support TPM 2.0?

    Some systems genuinely lack TPM 2.0 support, especially those built before 2016. In these cases, the BIOS contains no TPM or fTPM option.

    You can still upgrade to Windows 11 by bypassing the TPM check during installation using a registry modification. Microsoft documents this method, but it turns off official support and may affect updates. If you’re handling client systems, this route should be avoided unless explicitly approved.

    Alternatively, some desktop motherboards include a TPM header for a discrete chip module. Manufacturers such as ASUS and Gigabyte sell TPM 2.0 add-ons compatible with their boards. You’ll need to verify socket type and firmware compatibility first.

    Besides these options, your best path may be to remain on Windows 10 until system refresh cycles make compliance straightforward.

    Notes on Compatibility and Upgrades

    TPM 2.0 reflects a shift in how operating systems treat device trust. It is no longer considered optional.

    Microsoft embedded the requirement to support a cryptographically verified boot chain, from firmware through to kernel-level operations. The system must prove its integrity before it loads, not after.

    Besides the enforcement policy, TPM support will likely become a baseline in future platform standards. Most OEMs now treat TPM as a default feature rather than a premium inclusion.

    If your current device runs Windows 10 and shows no TPM 2.0 path, you can still function without issue until at least October 2025. After that, the platform's story changes.
