BrowsePopularContact UsAbout Us

How to Enable TPM 2.0 on Your PC (BIOS/UEFI Guide)

TPM 2.0 has gone from an obscure firmware feature to a household term — mostly because Windows 11 requires it. If your PC was built in the last several years, TPM 2.0 is almost certainly present on your hardware. The catch is that it's frequently disabled by default in the BIOS/UEFI settings. Enabling it is usually a short process, but the exact steps vary depending on your motherboard manufacturer, CPU platform, and firmware version.

What Is TPM 2.0 and Why Does It Matter?

TPM stands for Trusted Platform Module. It's a dedicated security chip (or firmware-based equivalent) that handles cryptographic functions — storing encryption keys, verifying system integrity at boot, and supporting features like BitLocker, Windows Hello, and Secure Boot.

TPM 2.0 is the current standard, offering broader algorithm support and tighter integration with modern operating systems compared to the older TPM 1.2. For Windows 11 compatibility, TPM 2.0 is a hard requirement — not a suggestion.

There are two main forms TPM takes:

  • Discrete TPM (dTPM): A physical chip soldered onto the motherboard
  • Firmware TPM (fTPM): A software-based implementation running within the CPU's secure environment — common on AMD and Intel platforms

Both satisfy Windows 11's requirements. The enabling process is the same regardless of which type your system uses.

How to Check If TPM 2.0 Is Already Active

Before diving into BIOS, check whether TPM is already enabled on your system:

  1. Press Windows + R, type tpm.msc, and hit Enter
  2. The TPM Management window will open
  3. If it shows "TPM is ready for use" with Specification Version: 2.0, you're already set
  4. If it says "Compatible TPM cannot be found", TPM is either disabled or not present

You can also run the PC Health Check app from Microsoft to confirm Windows 11 readiness.

Accessing Your BIOS/UEFI Settings 🔧

To enable TPM 2.0, you need to enter your system's BIOS or UEFI firmware. Here's how:

  1. Restart your PC
  2. During the startup screen (before Windows loads), press the BIOS key repeatedly — typically Delete, F2, F10, or Esc depending on your motherboard brand
  3. If you miss the window, restart and try again
ManufacturerCommon BIOS Key
ASUSDelete or F2
MSIDelete
GigabyteDelete or F12
ASRockF2 or Delete
DellF2
HPF10 or Esc
LenovoF1, F2, or Fn+F2

Alternatively, from within Windows 10/11: Settings → System → Recovery → Advanced Startup → Restart Now → Troubleshoot → Advanced Options → UEFI Firmware Settings.

Enabling TPM 2.0: AMD vs. Intel

The setting name and location differ between AMD and Intel systems — this is one of the most common sources of confusion.

AMD Systems (fTPM via AMD Platform Security Processor)

  1. In BIOS, navigate to Advanced or AMD CBS settings
  2. Look for AMD fTPM switch or Trusted Computing
  3. Change the value from Disabled to AMD CPU fTPM (or simply Enabled)
  4. Save and exit (usually F10)

Intel Systems (PTT — Platform Trust Technology)

  1. In BIOS, navigate to AdvancedTrusted Computing or Security
  2. Look for Intel PTT or TPM Device Selection
  3. Enable Intel PTT (this activates the firmware-based TPM)
  4. Save and exit

Discrete TPM Chips

If your motherboard has a physical TPM header with a dedicated module installed:

  1. Go to Advanced → Trusted Computing
  2. Set Security Device Support to Enabled
  3. Confirm TPM 2.0 is selected (not 1.2)
  4. Save and exit

Important Warnings Before You Enable TPM 2.0

Enabling TPM 2.0 is generally safe, but there are scenarios where it can cause complications:

  • BitLocker users: If BitLocker drive encryption is already active and you change TPM settings, Windows may flag your drive as untrusted and request your BitLocker recovery key. Have this key ready before making changes.
  • Clearing TPM: Some BIOS menus offer a "Clear TPM" option — avoid this unless you specifically need to reset it. Clearing TPM can make encrypted data inaccessible.
  • Dual-boot setups: If you run Linux alongside Windows, changing Secure Boot settings (often near TPM options) can affect your Linux bootloader. TPM itself is generally fine, but tread carefully around adjacent settings.

After Enabling TPM 2.0

Once you save and reboot, return to tpm.msc to confirm the change took effect. The status should now read "TPM is ready for use" with version 2.0 listed.

If Windows 11 compatibility was your goal, re-run the PC Health Check tool — TPM 2.0 alone may not be the only requirement. Secure Boot status and CPU generation also factor in, and those may require separate adjustments in BIOS.

When TPM 2.0 Isn't Available

Some older systems — generally pre-2016 hardware — don't support TPM 2.0 in any form. In that case:

  • The BIOS may show only TPM 1.2 options
  • fTPM may not be supported by the CPU
  • No firmware update will add TPM 2.0 if the hardware doesn't support it

Whether that situation calls for a hardware upgrade, workaround, or simply staying on Windows 10 depends entirely on what you're actually trying to accomplish with your system. The hardware limitations are fixed — what varies is what those limitations mean for your specific use case and timeline.