If your Windows computer undertook the latest version 11 update, chances are that you may have come across the term ‘TPM 2.0’. TPM stands for Trusted Platform Module, and Microsoft introduces it with the Secure Boot feature as mandatory requirements for any system that wants to upgrade to Windows 11.
If you wish to upgrade your computer to Windows 11 and have a Gigabyte motherboard, this guide is for you. We’ll briefly touch upon some important points and show how you can enable TPM on your Gigabyte motherboard in simple steps.
What is TPM?
TPM or Trusted Platform Module is a cryptographic technology. The basic function of this technology is to act as an additional layer of security and prevent unauthorized access to information like passwords and encryption keys. This technology can store other confidential information such as certificates and authentication measurements as well.
There are many forms of TPM. It can be installed as a standalone physical component that attaches to your motherboard, provided the motherboard has a socket for it. This installation is the safest variation of TPM. The Trusted Platform Module can also be a part of the CPU – either as a part of the chipset or as a line of code. This variation of TPM is equally, if not, similarly safe as the installation. Lastly, there are virtual TPMs. This variation is not recommended as it is vulnerable to security exploits and other bugs.
TPM 1.2 vs TPM 2.0
The Trusted Computing Group first introduced the TPM. Mainly, there are two versions – TPM 1.2 and TPM 2.0. TPM 1.2 was introduced in 2011 and its latest revision was released in 2015. The release of the first iteration of TPM 2.0 was in 2014, and the latest revision, in 2019 – making TPM 2.0 the newer and safer iteration of the TPM technology.
Microsoft’s initial announcement was TPM 1.2 for Windows 11. The company quickly changed that to 2.0 as this version has extra security algorithms. Plus, it offers platform-specific functionalities. Above that, TPM 2.0 provides features like public-key cryptography, asymmetric digital signature generation, etc.
Why Does Windows 11 Ask for TPM 2.0?
Many users widely utilize the Windows OS. This makes it a priority target for hackers and other security threats. One of the major improvements Microsoft claims to have in Windows 11 is in the security department – and TMP 2.0 reinforces that statement.
Almost every computer in the last 5 to 6 years can run some variation of TPM 2.0, and Microsoft wants to double down on this to make Windows 11 their safest operating system.
How to Check if TPM is Enabled on Your PC
First, launch ‘Settings’ from the Start Menu. You could also hold the Windows + I keys together to launch the app.
Select ‘Privacy & security’ from the left list of options on the Settings window.
Click ‘Windows Security’. It will be the first option under the ‘Security’ section of the ‘Privacy and security’ page.
Now, click on ‘Device security’ under ‘Protection areas’.
If you see a message that says ‘Your security processor, called the trusted platform module (TPM), is providing additional encryption for your device’ under ‘Security processor’ of the ‘Device Security’ window, TPM 2.0 is enabled on your computer.
Alternatively, you can use the ‘TPM Management on Local Computer’ interface to check if your computer has TPM enabled or not.
To do so, pull up the Run window by pressing the Windows+R keys together. Then in the dialogue box, type tpm.msc and hit Enter.
This will open a TPM Management window. If you see ‘The TPM is ready for use’ under the Status section, it means TPM 2.0 is enabled on your system.
How to Enable TPM on Your Gigabyte Motherboard BIOS Settings
To enable TPM on your Gigabyte motherboard, you will first need to get to the BIOS settings. But, before you proceed, here’s a warning.
Tampering with your BIOS settings can potentially break your computer and even stop it from booting up. We strictly recommend you follow the exact instructions to avoid making any unnecessary changes.
Enabling TPM on AMD Based Platforms
Here, we have an AMD-based system. The BIOS might look different if you are on an Intel-based platform. Understanding the process and knowing what to look for, will help you to easily navigate through the menus of any platform.
Now to enter the BIOS. First, switch on your computer. If it is already running, restart it. Then, press and hold Del or Delete key on the boot screen (before the Gigabyte logo appears). This is the key you need to press to enter the BIOS. It is universal across all Gigabyte motherboards.
When you first boot into BIOS, it will be on ‘EASY MODE’ as shown in the screenshot below. You need to get to the ‘ADVANCED MODE’ if you wish to enable TPM. Press ‘F2’ to switch to ‘ADVANCED MODE’.
The ‘ADVANCED MODE’ UI will look like the following screenshot. Now click on the ‘Settings’ tab.
Click the third option that says ‘Miscellaneous’ on the Settings tab.
From there, click on ‘AMD CPU fTPM’.
Next, click on ‘Enabled’ to turn on TPM.
TPM is now enabled on your Gigabyte motherboard. You can still check if TPM is enabled by booting back into the BIOS settings and clicking on ‘Trusted Computing 2.0’, instead of ‘AMD CPU fTPM’.
If it shows ‘TPM 2.0 Device Found’, TPM is successfully enabled on your Gigabyte motherboard. You will see the version of the TPM firmware and the vendor below this message (in this case, it is AMD).
Now, click on ‘Save & Exit’ to save the settings, exit the BIOS menu and boot back into Windows.
Next, click on ‘Save & Exit Setup’. Hit ‘Yes’ in the UAC box.
This will restart your computer, save the settings and boot back into Windows.
Congratulations you have now enabled TPM on your system and you are ready to upgrade to Windows 11.
Enabling TPM on Intel Based Platforms
The steps to enable TPM on an Intel-based Gigabyte motherboard are similar to the AMD process – only with a couple of minor differences. Here are the steps to enabling TPM on Intel-based platforms:
- Turn on your computer
- Press and hold the Del/Delete key on your keyboard
- After loading into the BIOS, press ‘F2’ to switch to advanced mode
- Click on ‘Peripherals’ and you will see ‘Intel Platform Trust Technology’ (PTT)
- Click on PTT and switch to ‘Enabled’
- Save and exit. Load back into BIOS again
- Click on ‘Trusted Computing’ to see the firmware version and the vendor ‘INTC’