How to Check TPM on Windows: What It Is and How to Find It on Your PC

Trusted Platform Module (TPM) became a household term almost overnight when Microsoft announced that Windows 11 required it. Suddenly, millions of users were scrambling to find out whether their machines had it — and whether it was turned on. If you're in that position right now, here's exactly what TPM is, why it matters, and every method available to check its status on Windows.

What Is TPM and Why Does It Matter?

TPM (Trusted Platform Module) is a dedicated security chip — either a physical component soldered to your motherboard or a firmware-based equivalent built into your CPU — that handles cryptographic operations separately from your main processor. It stores encryption keys, certificates, and passwords in a protected environment that your operating system and applications can use but can't easily tamper with.

In practical terms, TPM powers features like:

• BitLocker drive encryption — TPM holds the encryption keys so your drive can't be decrypted if it's removed from your machine
• Windows Hello facial recognition and fingerprint login
• Secure Boot verification
• Measured Boot — a process that records system state at startup to detect tampering

Windows 11 requires TPM 2.0 at minimum. Windows 10 uses TPM where available but doesn't enforce it as a hard requirement. Knowing your TPM version matters if you're planning an upgrade or troubleshooting security features.

Method 1: TPM Management Console (tpm.msc) 🔍

The fastest built-in tool for checking TPM status is the TPM Management Console, a dedicated Microsoft Management Console snap-in.

1. Press Windows + R to open the Run dialog
2. Type tpm.msc and press Enter
3. The console opens and immediately tells you:
   • Whether a TPM chip is present
   • Its status (ready for use, not ready, or not supported)
   • Its specification version (1.2 or 2.0)
   • The manufacturer name and firmware version

If you see "Compatible TPM cannot be found," it means either TPM is absent from your hardware, or it's present but disabled in your BIOS/UEFI firmware. That's an important distinction — the chip may exist but be switched off.

Method 2: Device Manager

Device Manager gives you a hardware-level view of TPM.

1. Right-click the Start button and select Device Manager
2. Look for the Security Devices category and expand it
3. A TPM will typically appear as "Trusted Platform Module 2.0" or "Trusted Platform Module 1.2"

If the Security Devices category doesn't appear at all, or appears with a warning icon, TPM is either absent, disabled, or experiencing a driver issue.

Method 3: Windows Security App

For a more user-friendly view:

1. Open Windows Security from the Start menu or system tray
2. Navigate to Device Security
3. Look for the Security processor section
4. Click Security processor details to see:
   • TPM manufacturer
   • Specification version
   • Firmware version

This method is especially accessible if you're not comfortable digging into console tools. It's the same information presented in a cleaner interface.

Method 4: System Information (msinfo32)

System Information provides a comprehensive hardware report that includes TPM data.

1. Press Windows + R, type msinfo32, and press Enter
2. In the left panel, navigate to System Summary
3. In the right pane, scroll to find TPM Present — it will show True or False
4. For TPM version details, navigate to System Summary → Hardware → Security Devices in the left panel

This tool is useful when you need a full picture of your system specs alongside the TPM check.

Method 5: PowerShell (for Advanced Users)

PowerShell gives you granular, scriptable output — useful in enterprise environments or when other tools give unclear results.

Open PowerShell as Administrator and run:

Get-Tpm 

The output shows:

All five values being True with a 2.0 spec version is the ideal result for Windows 11 compatibility.

TPM 1.2 vs TPM 2.0: What's the Difference?

If your system shows TPM 1.2, you'll need either a hardware upgrade or a firmware-based TPM update (if your motherboard supports it) to meet Windows 11 requirements.

When TPM Is Present But Shows as Disabled

Many motherboards ship with TPM disabled by default, especially on systems assembled before 2021. If tpm.msc says the chip can't be found but your CPU or motherboard specs suggest it should be there:

• Restart and enter BIOS/UEFI (typically Del, F2, or F10 at boot)
• Look under Security, Advanced, or Trusted Computing sections
• Enable TPM, PTT (Intel Platform Trust Technology), or fTPM (AMD firmware TPM) depending on your platform
• Save and reboot, then re-run tpm.msc

The specific menu location varies significantly by motherboard manufacturer and BIOS version — no two are laid out the same way.

Variables That Affect Your TPM Situation 🖥️

Whether TPM checking is straightforward or involves extra steps depends on several factors:

• Hardware age — Systems older than 2016 are more likely to have no TPM or only TPM 1.2
• PC type — Pre-built OEM machines (Dell, HP, Lenovo) often have TPM enabled by default; custom-built systems may not
• CPU platform — Intel (PTT) and AMD (fTPM) handle firmware-based TPM differently
• BIOS access — Some enterprise machines have BIOS settings locked by IT policy
• Windows edition — Home, Pro, and Enterprise have different levels of TPM-dependent feature availability

The same tpm.msc command run on two different machines can produce two completely different results — one showing TPM 2.0 ready to go, another showing nothing at all — simply based on hardware generation and factory settings. Understanding which category your machine falls into is the first step before drawing any conclusions about upgradability or security feature availability.