BrowsePopularContact UsAbout Us

How to Check If TPM 2.0 Is Enabled on Your PC

TPM 2.0 became a household term when Microsoft announced it as a hard requirement for Windows 11. Since then, millions of users have found themselves digging through settings they'd never touched before, trying to figure out whether their machine qualifies. Here's exactly how to check — and what the result actually means.

What TPM 2.0 Is (and Why It Matters)

TPM stands for Trusted Platform Module. It's a dedicated security chip — either a discrete physical chip soldered to your motherboard or a firmware-based implementation built into your CPU — that handles cryptographic functions separately from your main processor.

Its job is to store encryption keys, certificates, and passwords in a secure environment that's isolated from the rest of your system. This matters for features like BitLocker drive encryption, Windows Hello, Secure Boot, and hardware-based two-factor authentication. When these features need to verify your identity or protect sensitive data, they lean on the TPM to do it safely.

TPM 2.0 is the current standard, released in 2014. It succeeded TPM 1.2 with broader algorithm support, better integration with modern operating systems, and the ability to store multiple keys simultaneously. Windows 11 requires it at the hardware level — TPM 1.2 doesn't qualify.

Three Ways to Check TPM 2.0 Status in Windows

Method 1: TPM Management Console (Fastest)

This is the most direct route.

  1. Press Windows + R to open the Run dialog
  2. Type tpm.msc and press Enter
  3. The TPM Management on Local Computer window opens

Look at the Status section. If it reads "The TPM is ready for use" and the Specification Version listed under TPM Manufacturer Information shows 2.0, you're confirmed.

If the window says "Compatible TPM cannot be found", the TPM is either disabled in firmware or your hardware doesn't have one.

Method 2: Device Manager

  1. Right-click the Start button and select Device Manager
  2. Expand the Security devices category
  3. Look for Trusted Platform Module 2.0

If it appears without a warning icon, the TPM is present and active. If the category is missing entirely, the TPM may be disabled at the BIOS/UEFI level rather than absent from the hardware.

Method 3: Windows Security App

  1. Open Windows Security from the Start menu or system tray
  2. Navigate to Device Security
  3. Click Security processor details

This screen displays the Specification version and Manufacturer version of your TPM. A spec version of 2.0 confirms compliance. This method is particularly useful because it presents the information without requiring any command-line knowledge.

Checking TPM Status via Command Line 🖥️

For users comfortable with PowerShell or Command Prompt, there's a more detailed option.

Open PowerShell as Administrator and run:

Get-Tpm

The output includes:

  • TpmPresent — True/False
  • TpmReady — whether it's initialized and usable
  • TpmEnabled — whether it's active
  • ManufacturerVersion — firmware version string

This method is especially useful when troubleshooting or scripting across multiple machines in a business environment.

What If TPM Shows as Not Found or Disabled?

Finding no TPM doesn't automatically mean your hardware lacks one. Many motherboards ship with TPM disabled by default in the UEFI/BIOS firmware. This is particularly common on systems built between 2016 and 2020.

To enable it:

  1. Restart your PC and enter BIOS/UEFI setup — typically by pressing Delete, F2, F10, or Esc during boot (the key varies by manufacturer)
  2. Look for TPM settings under sections labeled Security, Advanced, or Trusted Computing
  3. The setting may appear as TPM, PTT (Intel Platform Trust Technology), or fTPM (AMD firmware TPM)
  4. Enable it, save, and reboot

After rebooting, recheck using any of the methods above.

Hardware TPM vs. Firmware TPM — What's the Difference?

FeatureDiscrete TPM (dTPM)Firmware TPM (fTPM/PTT)
Physical chipYesNo
Where it runsDedicated chipCPU firmware
Security isolationHigherModerate
Windows 11 compatibleYes (if 2.0)Yes
Common onWorkstations, business laptopsConsumer desktops, modern laptops

Both meet the Windows 11 TPM 2.0 requirement. Firmware-based TPM is increasingly common because it eliminates the need for a separate chip while still meeting the cryptographic requirements. The practical security difference is meaningful mainly in high-security enterprise environments — for most consumer use cases, fTPM functions equivalently.

Factors That Affect Whether You'll Find TPM 2.0 Enabled

Not every machine lands in the same situation. A few variables determine what you'll find when you check:

  • CPU generation — Intel 8th gen and later, and AMD Ryzen 2000 series and later, generally include firmware TPM support. Older CPUs may rely on a discrete chip or lack TPM entirely.
  • Motherboard manufacturer defaults — Some boards ship with TPM disabled to maintain compatibility with older operating systems.
  • OEM vs. custom builds — Pre-built systems from major manufacturers often have TPM configured correctly out of the box. Custom-built PCs frequently require manual BIOS configuration.
  • BIOS version — Some early UEFI firmware versions from 2020–2021 required updates before fTPM/PTT settings appeared in the menu at all.
  • Virtualization settings — On some systems, enabling TPM may interact with Hyper-V or virtualization settings in ways that affect other workflows.

🔍 The Part That Depends on Your Setup

Whether TPM 2.0 is simply dormant in your BIOS, missing from your hardware entirely, or already running and ready varies considerably depending on when your machine was built, who built it, and how it was configured. The steps above will tell you exactly which situation you're in — but what you do with that information depends on your hardware generation, your operating system plans, and how your system is currently used.