Over time, computers have become more secure on both a physical and a software level. Modern computers are equipped with a Trusted Platform Module (TPM) built into the motherboard. TPM is capable of securing physical access to the computer, as well as encrypting data stored within the machine. The TPM module stores encrypted keys inside the hardware chip. This way, it is much less likely that the encryption is compromised and the system is hacked.
As of Windows 8.1, Microsoft began requiring the installation of TPM 1.2 in order to enable Bitlocker for data encryption. For Windows 11, this requirement has been upgraded.
In order for Windows 11 to function properly, TPM 2.0 must be installed. Installing Windows 11 on a PC without a TPM 2.0 module will result in an error stating that the computer is not compatible with Windows 11.
There are a few ways by which we can check if our system has TPM 2.0 module installed.
Check TPM module using Microsoft Management Console
- Open the Run dialog box by pressing the Windows key + R together.
- Type tpm.msc and then press OK.
- This will open the Trusted Platform Module utility which shows the information about TPM module version installed on the computer.
To confirm the module version, check the Specification Version under TPM Manufacturer Information. It should be version 2.0 for the system to be compatible with Windows 11 installation.
Check TPM Module Version using Device Manager
Since TPM is a hardware module, it is listed in the device manager. You can check your device manager to confirm the version of TPM installed in our system.
- Open the Device Manager (Windows key + X + M) OR (Run –> devmgmt.msc)
- Expand “Security devices” from the list. It should list down the Trusted Platform Module and its version installed. For example, when I open my computer, it shows Trusted Platform Module 2.0. If the version is not mentioned in the name, you can open the Trusted Platform Module properties and see the version in the Details tab.
Check if TPM is installed using Command Prompt
If you prefer to check the presence of TPM module on your computer using the command line, you can use the Command Prompt for this:
Open Command Prompt as administrator and run the following command:
wmic /namespace:\root\cimv2\security\microsofttpm path win32_tpm get * /format:textvaluelist.xsl
NOTE: While many websites have mentioned the same command, this command does not work for me. If it works for you, please let me know.
Check if TPM is installed and enabled using PowerShell
Another way to check if TPM is enabled or not is using PowerShell.
Open PowerShell as an administrator and run the following command:
This will give you a list of values. The values to check are:
True means TPM is installed on your computer. False means the module is not installed on your computer.
True means TPM is enabled on your computer. False means the module is not installed on your computer.
Other ways to check for TPM module
Another way to check for the TPM module is to use the PC health check tool from Microsoft. If it says that your PC is compatible with Windows 11, you should have TPM 2.0 installed on your computer. Otherwise, you’ll need to check BIOS settings if TPM is present and enabled in BIOS.
Once installed, run the tool and click on Check now button.
The two possible outcomes are as follows:
If TPM module is present and all other Windows 11 requirements are met:
If TPM module is not installed or enabled:
Microsoft has made it hard for Windows 11 to be installed on old computers. This is good in the security sense because Windows 11 will be more secure than all other operating systems as it requires hardware security to be installed by default. If you want to install Windows 11 without the TPM requirement, you can do so by bypassing the Windows 11 TPM check during installation.