Explained: What is TPM and why do you need it for Windows 11?

TPM on Windows 11
Honor X9b Ad
Honor X9b Ad

Microsoft’s Windows 11 is finally here after a long wait. The new version of Windows introduces multiple highlighting features including Android app support (albeit not through Google’s Play Store), redesigned visuals, easy multitasking, and many more. One announcement that’s been a concern to many is the TPM requirement. Here, we will discuss what TPM is, why Microsoft is mandating it for Windows 11, and if your system has it or not.

TPM for Windows 11:

It’s fair to assume that most users have never heard of the term TPM (Trusted Platform Module) until Microsoft announced that the next iteration of Windows is making it a compulsory requirement. Early adopters who are eager to get their hands on the new operating system, are taking it as a concern.

“Does my laptop have TPM?” and similar inquiries dominated the internet following the release of Windows 11. So, before we dispel any myths, let’s learn about TPM.

What is TPM?

TPM is a small chip located on the motherboard of your computer. This chip is intended to help protect your extremely sensitive data. It stores data such as encryption keys, user credentials and creates a physical barrier to prevent potential attackers from accessing your system.

TPM chip

Here, Microsoft specifically stated that the new operating system required TPM 2.0. To note, TPM is available in two versions: an older and less secure v1.2 and a more secure 2.0 edition.

The deal with Windows and TPMs

As aforementioned, TPM helps you to create a barrier that prevents possible attackers from accessing your computer. Now, Microsoft will be able to employ stronger encryption to safeguard Windows Hello, BitLocker PINs, and enable more advanced security features like Windows Defender System Guard. With Windows 11 focusing more on privacy and security, the decision to adopt TPM 2.0 isn’t questionable in the slightest.

Windows 11

Likewise, the hidden fact is that Microsoft has actually implemented TPM 2.0 compliance on all versions of Windows 10 from July 2016. They have expressly said that starting in July 2016, laptops and PCs should implement and enable TPM 2.0 by default. 

What this means is that Windows-powered devices from July 2016 or later must have TPM 2.0 functionality. In fact, Intel and AMD have embedded TPM technology that is equivalent to TPM 2.0 into many of their CPUs since 2013.

Intel calls its solution Intel Platform Trust Technology (Intel PTT) whereas AMD’s alternative is called AMD Platform Security Processor.

“Almost every CPU in the last 5-7 years has a TPM. For Intel, it’s called the “Intel PTT” which you set to enabled. For AMD it would be “AMD PSP fTPM”. TPMs have been required for OEM certification since at least 2015 and was announced in 2013,” said David Weston, Director of Enterprise and OS Security at Microsoft.

So, why I am still not eligible for Windows 11?

Even when their machine qualifies for Windows 11 (as per the specifications), many users continue to see the “This PC cannot run Windows 11” message when running their PC’s eligibility test via the PC Health Check app. The reason for this is that you do not have particular BIOS options enabled.

PC compatibale with WIndows 11 message

To enable it, simply navigate to the BIOS Security settings and choose the correct TPM technology. To note, the enable process might differ with every motherboard. After this, the PC Health Check tool will now inform you that your hardware is compatible with Windows 11.

In addition, Microsoft has also released a list of Windows 11-compatible Intel, AMD, and Qualcomm CPUs.

  • Meanwhile, check out our initial impressions of the Samsung Galaxy M32.