What is Trusted Platform Module? How to check if you have TPM chip?

Ever wondered which devices support Windows Hello, Fingerprint verification, and critical biometric data – and where they store that data? Storing this data on your computer or phone can be risky. This is where TPM or Trusted Platform Module comes into the picture. In this post,  we will learn about the Trusted Platform Module and learn how to check if you have a TPM chip.

What is Trusted Platform Module

Trusted Platform Module or TPM is a specialized and dedicated chip which stores cryptographic keys. It acts as endpoint security for the devices which support it.

When someone owns a device, it generates two keys —

  1. Endorsement Key
  2. Storage Root Key.

These keys can only be accessed on the hardware level. No software program can access those keys.

Apart from these keys, there is another key called as Attestation Identity Key or AIK. It protects the hardware from unauthorized firmware and software modification.

Related: How to clear and update TPM firmware.

How to check if you have TPM chip

There are multiples ways to check TPM chip availability. However, you should know that it should be enabled at the hardware level so that security software security like Bitllocker can use it.

  1. Using TPM Management
  2. Enable it in BIOS or UEFI
  3. Using the Security Node in Device Manager
  4. Using WMIC command.

1] Open Trusted Management Module Management

Check TPM on computer

Type tpm.msc in the Run prompt, and hit enter. It will launch the Trusted Management Module Management.

If it says:

Compatible TPM cannot be found on this computer. Verify that this computer has 1.2 TPM or later and it’s turned on in the BIOS.

or anything similar, then you do not TPM on the computer.

Trusted Management Module Management

If it says:

The TPM is ready to use

You have it!

2] Check-in BIOS or UEFI

Restart the computer and boot into BIOS or UEFI. Locate the security section, and check if there is a setting similar to TPM Support or Security Chip or anything else. Enable it, and restart the computer after saving the settings.

3] Check with Device Manager

check if you have TPM chip

Use Win+X+M to open the Device Manager. Find if there is a Security devices node. If yes expand it and TPM with module number

4] Use WMIC in the Command Prompt

In an elevated command prompt, execute the command:

wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get * /format:textvaluelist.xsl

It will display a list of key-value pair.

If you see True in the result, it means that TPM is enabled; else you will see No instances available.

We hope the guide was straightforward and easy enough for you to figure out if the computer has TPM chipset.

Posted by on , in Category Windows with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

Leave a Reply

Your email address will not be published. Required fields are marked *

8 + 4 =