Ever wondered which devices support Windows Hello, Fingerprint verification, and critical biometric data – and where they store that data? Storing this data on your computer or phone can be risky. This is where TPM or Trusted Platform Module comes into the picture. In this post, we will learn about the Trusted Platform Module and learn how to check if you have a TPM chip.
What is Trusted Platform Module
Trusted Platform Module or TPM is a specialized and dedicated chip which stores cryptographic keys. It acts as endpoint security for the devices which support it.
When someone owns a device, it generates two keys —
Storage Root Key.
These keys can only be accessed on the hardware level. No software program can access those keys.
Apart from these keys, there is another key called as Attestation Identity Key or AIK. It protects the hardware from unauthorized firmware and software modification.
There are multiples ways to check TPM chip availability. However, you should know that it should be enabled at the hardware level so that security software security like Bitllocker can use it.
Using TPM Management
Enable it in BIOS or UEFI
Using the Security Node in Device Manager
Using WMIC command.
1] Open Trusted Management Module Management
Type tpm.msc in the Run prompt, and hit enter. It will launch the Trusted Management Module Management.
If it says:
Compatible TPM cannot be found on this computer. Verify that this computer has 1.2 TPM or later and it’s turned on in the BIOS.
or anything similar, then you do not TPM on the computer.
If it says:
The TPM is ready to use
You have it!
2] Check-in BIOS or UEFI
Restart the computer and boot into BIOS or UEFI. Locate the security section, and check if there is a setting similar to TPM Support or Security Chip or anything else. Enable it, and restart the computer after saving the settings.
3] Check with Device Manager
Use Win+X+M to open the Device Manager. Find if there is a Security devices node. If yes expand it and TPM with module number
4] Use WMIC in the Command Prompt
In an elevated command prompt, execute the command:
wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get * /format:textvaluelist.xsl
It will display a list of key-value pair.
If you see True in the result, it means that TPM is enabled; else you will see No instances available.
We hope the guide was straightforward and easy enough for you to figure out if the computer has TPM chipset.
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP since then. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.