While most home users don’t spend much time thinking about it, computer security is critical. So important that many business-focused computers have special hardware inside them (such as smartcard readers), making it difficult to hack or otherwise compromise them. 

A TPM (Trusted Platform Module) is becoming a standard feature on new computers, especially business-focused ones. So what is a TPM, and why would you want one?

Table of Contents
    What Is Trusted Platform Module (TPM) and How Does It Work? image 1

    Why Should You Care About TPM?

    Until recently, the only people who needed to care about TPMs were those working in large companies where network security is a top priority. People working from home on their personal computers or those who mainly use their computers for gaming and entertainment did not need to know about TPMs.

    However, with the announcement of Windows 11, it has suddenly become one of the most important three-letter acronyms in the computing world. This is because Windows 11 requires a Trusted Platform Module in a computer for it to work at all. Specifically, it requires TPM 2.0, although these requirements are subject to change at Microsoft’s discretion.

    What Is Trusted Platform Module (TPM) and How Does It Work? image 2

    Windows 10 support ends on October 14, 2025. It will no longer receive security patches of further updates from Microsoft. At that point, you either need to disconnect your computer from the internet or upgrade to Windows 11. 

    As it stands, you simply won’t be able to upgrade and also can’t keep using Windows 10! Unless you move to Linux (great idea!) or another Windows alternative, you will have to buy a new computer. That’s true even if your existing one is still fine! Microsoft may soften its stance in the future, but right now, that’s the reality of the situation.

    Now that you know why the TPM issue is essential, let’s dig into what a TPM is.

    The TPM Is a Chip

    The TPM is a physical component that’s usually built into your motherboard. Inside there are many components that let the TPM do its job. What is its job exactly? Here are the main tasks a TPM performs:

    • The TPM stores passwords, security certificates, and encryption keys securely and prevents unauthorized tampering.
    • It stores information about the computer securely, so it’s easy to detect if anyone has tampered with the computer.
    • A TPM can securely generate encryption keys so that the process cannot be spied upon or interfered with.
    What Is Trusted Platform Module (TPM) and How Does It Work? image 3

    Apart from these functions, the TPM also includes a hard-wired, unique, and unalterable encryption key, making it impossible for it to be substituted or tampered with.

    In a nutshell, the TPM is a dedicated piece of hardware on your motherboard that allows for safe computer use and authentication. Well, except if you have fTPM or TPP.

    fTPM and PTT

    fTPM (firmware TPM) and PTT (Platform Trust Technology) are AMD and Intel’s respective names for “firmware” TPMs. Instead of a dedicated chip on the motherboard, the Trusted Platform Module functionality exists within the CPU’s firmware. fTPM and TPP are integrated into most modern AMD and Intel processors, but the function needs to be activated for it to work.

    What Is Trusted Platform Module (TPM) and How Does It Work? image 4

    This is where things can become a little complicated. Usually, by default, motherboard makers disable firmware TPM functionality but then allow you to switch it on manually in your BIOS or UEFI menu. However, since each motherboard brand and model may be different, you should check your motherboard manual for specific instructions on how to activate your firmware TPM.

    In some cases, despite your CPU having a firmware TPM feature, your motherboard may lack the option to toggle it on. Some lower-end or gaming-focused motherboards may lack the option because they aren’t aimed at business customers. Hopefully, in light of the Windows 11 requirement, most motherboard makers will issue firmware updates for their motherboards, adding the feature. If not, then you may have to replace your motherboard at the very least.

    Can I Add a Trusted Platform Module?

    What if you don’t have a physical TPM on your motherboard and no prospect of using a firmware TPM? In some cases, it is possible to buy a TPM as an add-on. However, your motherboard needs to explicitly support the upgrade and have the required TPM header. Without a TPM header, there’s nowhere to install the TPM.

    At the time of writing, TPM upgrades are surprisingly expensive, so do take the time to compare the cost of a TPM module against the cost of a motherboard replacement.

    How to Check for a TPM

    If you’re running Windows 10 and want to confirm that you have a present and working Trusted Platform Module, here’s what to do:

    1. Press the Windows and R keys together. The Run dialog box should open.
    2. Type tpm.msc and press Enter.
    What Is Trusted Platform Module (TPM) and How Does It Work? image 5
    1. Once the TPM Management window opens, check that it says “The TPM is ready to use” under Status. Then confirm that the specification version under TPM Manufacturer Information is 2.0 or greater.
    What Is Trusted Platform Module (TPM) and How Does It Work? image 6

    If both of these bits of information are present and correct, you’re good to go. Just remember that it won’t show up here in the case of a firmware TPM unless toggled on in the BIOS.

    Windows 11 Needs More Than Just a TPM

    While the Trusted Platform Module has received most of the attention in the general panic about Windows 11 requirements, having a TPM in your computer isn’t enough by itself. While Windows 11 isn’t that power-hungry in terms of specifications, it also has other rather surprising requirements.

    Chief among these is the need for CPUs of a certain generation. You’ll need a computer with at least an 8th-generation Intel CPU or 2000-series Ryzen CPU otherwise, Windows will not work. Again, that’s as far as we know at the time of writing.

    So, despite having more than enough computing power, high-end 6th- and 7th- generation Intel CPUs and 1000-series Ryzen CPUs are limited to Windows 10.

    The only way to ensure that your current computer complies with all current requirements is to head to the official Windows 11 requirements page to check every requirement manually. Unfortunately, Microsoft has pulled their Windows 11 Health Checker app for the time being. You can also try the third-party and open-source WhyNotWin11 application, but you do so at your own risk!

    Leave a Reply

    Your email address will not be published. Required fields are marked *