Skip to content
Home » How to enable TPM 2.0

How to enable TPM 2.0

How to enable TPM 2.0 Keep your Laptop, Desktop PC, or Gaming PC Safe and Secure

If you want to keep your laptop, desktop PC, or gaming PC safe and secure (and to simply use certain features), TPM is essential. The TPM 2.0 specification was released in 2014, but for a long time, most PCs and laptops had been using the older TPM 1.2. Now, with Windows 11 making 2.0 essential, it’s the go-to for many modern rigs.

Want to make sure TPM 2.0 is enabled so your system stays secure and future-proof? You’ve come to the right place. In this guide, we’ll walk you through everything you need to know, step by step, from checking if TPM is already active to enabling it for ASUS and MSI motherboards. We’ll cover:

What is TPM and TPM 2.0? 

TPM stands for Trusted Platform Module. It is a small security chip on a computer or PC motherboard which is designed to store and protect sensitive data. This includes passwords, login credentials, encryption keys, digital certificates, and even bits of your system’s integrity checks, — basically, the stuff that keeps your data secure.

TPM 2.0 is the most up-to-date version of Trusted Platform Module. Before this, there was TPM 1.2, which was the standard for years. While TPM 2.0 is now the go-to on most new PCs and laptops, some older systems may still run on 1.2.

Wondering if TPM 2.0 is really that important for your setup? With Windows 11 requiring TPM 2.0 for key security features, and with encryption tools like BitLocker relying on it, having it enabled isn’t just a nice-to-have; it’s a must for a future-proof and secure setup. 

How to check if TPM is already enabled

Most newer devices come with TPM 2.0 already enabled, so there is a chance you already have it on without realising. The exception to this rule, however, is custom PCs, which rarely have it enabled automatically. 

Finding out if you have it enabled on Windows is very straightforward. Simply do the following: 

  1. Hit the “Windows” key and the “R” key together to bring up the “Run” dialogue. 
  2. Type “tpm.msc” and enter or click okay. This will bring up a window with the title “TPM Manager on Local computer”. 
  3. Look at “Specification Version”, found under the “TPM Manufacturer Information” section at the bottom of the page. This will tell you what TPM specification your system is running on.

Got macOS or ChromeOS and are wondering how to check for TPM? The simple answer is you don’t need to. These two operating systems use TPM in a different way. With macOS, you don’t get a TPM chip. You instead have a Secure Enclave. It has the same functions as a TPM, such as storing and protecting login credentials, but the system handles it automatically, so there is no need to check if it is enabled. 

With Chromebooks, there is a TPM included, but it’s firmware-integrated and managed by ChromeOS itself. Users don’t need to check or enable it, as the OS automatically uses it for device integrity and encryption.

How to enable TPM 2.0

Before you dive in, make sure to get your rig ready. While enabling TPM 2.0 doesn’t have to be complicated, there are a few things to do and bear in mind:

  • Save all your work: Enabling your TPM involves rebooting into BIOS/UEFI and restarting outside of Windows, which means any unsaved stuff like games, docs, or browser tabs vanish if you don’t save. It’s also worth backing up your important data, just in case. 
  • Find out what your BIOS key is: It is usually either F1, F2, F10, DEL, or Esc, but check your laptop/PC manual to be sure. 
  • Only change what you understand: You’ll come across a lot of complex tech jargon, which can stump even those with a lot of nerdy tech knowledge. Just stick to the TPM and Secure Boot for now.

Most modern PCs, whether Intel or AMD, follow a similar enabling process. In the following sections, we’ll look at specific setups, but here are some universal steps to enabling TPM 2.0 for all PCs and laptops that are TPM 2.0 compliant: 

  1. Restart your PC and enter BIOS/UEFI by pressing the BIOS/UEFI key repeatedly as your PC starts (Del, F2, F10, or ESC & — check your manual).
  2. Look for a section called Security, Advanced, or Trusted Computing. TPM may appear as:
  • TPM Device
  • PTT (Intel Platform Trust Technology)
  • fTPM (AMD Firmware TPM)
  • Security Device
  • Security Device Support
  • TPM State
  • AMD fTPM switch
  • AMD PSP fTPM
  • Intel PTT
  • Intel Platform Trust Technology
  1. If the TPM is listed as disabled, switch it to enabled. 
  2. (Optional) Enable Secure Boot, which is usually found nearby under Boot or Security.
  3. Press the key for Save & Exit (this is often F10, but again, you should refer to your manual). At this point, your PC will restart. 
  4. Check whether your TPM is enabled to see if these steps have worked. If not, double-check your BIOS settings to make sure TPM (PTT/fTPM) is actually switched on, then reboot again, — sometimes it just needs a nudge to take effect.

How to enable TPM 2.0 in BIOS on ASUS motherboards

Want to know how to enable TPM 2.0 in BIOS on an ASUS specifically? This is really straightforward and follows largely the same steps as the universal instructions above, with a couple of tweaks. Here is the full step-by-step rundown: 

  1. Restart your PC or laptop and press the BIOS key repeatedly (usually DEL or F2 on ASUS) to enter BIOS.
  • Note: You may find yourself in EZ Mode first. Press F7 to go into advanced mode, where you’ll find what you need to enable TPM 2.0. 
  1. For Intel ASUS systems:
    1. Open PCH-FW Configuration (sometimes called PCH Configuration)
    2. Find PTT or TPM Device Selection.
    3. Set it to Enabled or PTT.
  2. Or for AMD ASUS systems:
    1. Select AMD fTPM Configuration.
    2. Set fTPM to Enabled.
  3. (Optional) Enable Secure Boot by going to Boot > Secure Boot > Enabled.
  4. Press F10 or select Save & Exit, confirm changes, and wait for the reboot. 
  5.  Check whether your TPM is enabled to see if these steps have worked. 

How to enable TPM 2.0 in BIOS on MSI motherboards

Unlike ASUS boards, MSI motherboards group TPM settings under a single “Trusted Computing” menu, which makes them even easier. Here are the steps to enabling TPM 2.0 on an MSI board — bear in mind that the only real changes here are the names of the menu items and toggles.

  1. Restart your PC and press DEL to enter MSI BIOS.
  • Note: You may find yourself in EZ Mode first. Press F7 to go into advanced mode, where you’ll find what you need to enable TPM 2.0. 
  1. Find TPM settings by navigating to Settings > Security > Trusted Computing.
  2. Find Security Device Support and set it to Enabled.
  3. Check TPM Device Selection:
  • Choose PTT for Intel systems.
  • Choose fTPM for AMD systems
  1. (Optional) Set Boot Mode Select to UEFI, then go to Open Secure Boot and set it to Enabled.
  2. Press F10, confirm your changes, and allow the system to restart.
  3.  Check whether your TPM is enabled to see if these steps have worked. 

How to enable TPM 2.0 on OEM PCs and laptops

Not on an ASUS or MSI board? No problem, — most OEM laptops and desktops from Dell, HP, Lenovo, and similar brands follow the same basic principles. You just need to know where to look in their BIOS/UEFI. Here are the basic steps for OEM systems:

  1. Restart your PC and press the manufacturer’s BIOS key as it boots:
  • Dell: F2
  • HP: ESC ? F10
  • Lenovo: F1 or F2
  1. Navigate to the Security section.
  2. Look for TPM, TPM Security, or fTPM/PTT depending on the CPU and set to enabled.
  3. Save the changes and reboot.
  4.  Check whether your TPM is enabled to see if these steps have worked. 

Pro tip: OEMs may use slightly different names, but if you see anything referencing TPM, PTT, or fTPM, that’s where you need to toggle it. Once enabled, Windows will recognise TPM 2.0, and your system is good to go.

How to enable TPM 2.0 on Windows 11 and Windows 10

You can’t actually enable TPM 2.0 directly through Windows 11 or Windows 10. This is because TPM lives in your system’s firmware (BIOS/UEFI), not the operating system itself. Windows can detect and use TPM once it’s enabled, but it can’t switch it on for you.

TPM 2.0 is a requirement for Windows 11, as Microsoft relies on it to support modern security features like Secure Boot and BitLocker. If TPM 2.0 isn’t enabled, Windows 11 will usually refuse to install. Windows 10, on the other hand, doesn’t require TPM 2.0 and will happily run without it, although it does support both TPM 1.2 and 2.0 if they’re available.

TPM 2.0 FAQs

As you can see, enabling TPM 2.0 is a simple process, so it shouldn’t throw up too many issues. But if you have any lingering queries or concerns, read our FAQs below to find out even more about the process. 

What does “TPM device not detected” mean? 

If this error message pops up when you first turn on your device, the first thing to do is check whether your TPM is enabled. If it isn’t, follow the steps to enable it and try again. If this still doesn’t work, you can also try clearing your TPM. However, this should be your last port of call, as this means you will lose all your sensitive data, including saved keys and passwords.

To do this, follow these steps: 

  1. Restart your PC and enter BIOS/UEFI by repeatedly pressing one of F1, F2, F10, DEL, or Esc.
  2. Find the TPM settings, usually under Security, Advanced, or Trusted Computing. On Intel systems, you might see PTT, or fTPM on AMD.
  3. Select “Clear TPM” or “Reset TPM”.
  4. Press F10 or select Save & Exit. The PC will restart, and TPM will be reset.
  5. Press Win + R, type tpm.msc, and make sure the TPM shows as ready and enabled.

Still getting the error message pop-up after this step? It’s time to get your device seen by an expert. 

How is TPM 2.0 different from Secure Boot?

Secure Boot and TPM 2.0 (and TPM 1.2 for that matter) are both forms of security, but they differ in how they protect your data. TPM 2.0 is a hardware chip that securely stores passwords and other sensitive data, while Secure Boot checks the integrity of your operating system during boot. If anything suspicious tries to load before Windows boots, Secure Boot blocks it. Both play different roles, so it’s a good idea to have both enabled on your rig.

Does my laptop or PC support TPM 2.0?

Not every PC and laptop actually supports TPM 2.0, with many still relying on the older TPM 1.2. The easiest way to find out is to check whether you already have TPM enabled, and if it is, check what specification. If TPM is not enabled, follow the steps to enable it and then check to see which specification you have. For OEM laptops or desktops, you can also double-check the manufacturer’s specs online, — most brands list TPM 2.0 support explicitly.

If it is 1.2, you cannot upgrade to 2.0 without upgrading your hardware. If you have an older laptop or desktop, it is less likely to support 2.0.

Will enabling TPM 2.0 delete my data?

No, enabling TPM 2.0 shouldn’t delete your data. By enabling it, all you are doing is turning on a hardware security feature, so this doesn’t touch your files, games, or programs. That being said, it’s always worth backing up important data when doing any form of update, just in case something does glitch or go wrong.

Whether you’re enabling TPM 2.0 for Windows 11, or you just want to double-check you have it enabled, you should feel confident in doing so after reading this guide. For more tips, guides, and in-depth advice on optimising your setup, be sure to check out the rest of our core knowledge hub and blog. Looking to upgrade or build a gaming PC that’s ready for Windows 11 and beyond? At CyberPowerPC UK, we’ve got a full range of gaming PCs, desktop PCs, and laptops, plus all the essential gear you need. Whether you’re a gamer, streamer, or tech enthusiast, shop our collection today and make sure your system is set up for peak performance.

Tags: