Skip to content

TechDirectArchive

Hands-on IT, Cloud, Security, Veeam & DevOps

  • Home
  • About
  • Advertise With US
  • Reviews
  • Contact
  • Toggle search form

This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker

Posted on 04/11/201925/09/2023 IT Expert By IT Expert No Comments on This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker
  1. Home
  2. Windows
  3. This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker
device compatibility

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in cipher block chaining or XTS mode with a 128-bit or 256-bit key. See this guide for information on Full Disk Encryption with PBA / without PBA, UEFI, Secure Boot, BIOS, File and Directory Encryption, and Container Encryption, how to enable FileVault disk encryption on a Mac device, BitLocker Drive Encryption architecture, and implementation scenarios. and the concept of DriveLock with a focus on encryption.

VMs and Desktops that do not support TPM can still use and benefit from BitLocker, and also have their keys saved to Active Directory, Microsoft Azure, or to a USB stick.

BitLocker without TPM

Furthermore, While trying to install Bitlocker Drive Encryption to the C: on my Windows 10 machine. See this guide “how to fix your device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM”.

Trusted Platform Module

The following error was prompted on my Windows 10 Workstation, as shown in the image below.

BitLocker encryption

Let’s review the key term “TPM” and how to resolve this issue.

However, Trusted Platform Module (TPM) – This chip resides on newer processors with additional security features. With TPM, the encryption key is stored on the chip itself.

Note: If your chip does not support TPM, you can still use BitLocker, then you will have to save (store the keys) in a safe location such as Active Directory, Microsft Azure, or on a USB stick, etc. Kindly follow the procedures listed below to resolve this issue.

Nonetheless, To resolve this error, we must configure the local Group Policy settings to “Allow BitLocker without a compatible TPM.” Nevertheless, For more information on Group Policy, please see the following guides “what is Group Policy Object and how can it be launched“, how to analyze group policies applied to a user and computer account, and for a comprehensive list of articles I have written on GPO, please visit the following link.

Launch Group Policy and enable the following exception

- Using your keyboard ''Windows key+R'' or search for "run"
- Type: gpedit.msc then hit "ok" or press "Enter" on your keyboard
- Expand Administrative Templates then Windows Components 
- Bitlocker Drive Encryption then 
- Click Operating System Drives as shown below.

Therefore, Double-click or right-click “Require additional authentication at startup.”

click Edit and select enabled as shown below. 
- Select Enabled and 
- Check the box to allow BitLocker without compatible TPM in the Options section.
Note: Most times this option is selected by default.

The last steps involve enforcing the settings.

From the Start menu
- Type run or Press Windows Key + R to launch the run wizard
- Type cmd as shown below
- gpforce.exe /update and 
- Press Enter. 

That is all ;)

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Rate this post

Thank you for reading this post. Kindly share it with others.

  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Facebook (Opens in new window) Facebook
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Telegram (Opens in new window) Telegram
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Bluesky (Opens in new window) Bluesky
  • Share on Threads (Opens in new window) Threads
  • Share on Nextdoor (Opens in new window) Nextdoor
Windows Tags:Bitlocker, Encryption, Full Disk Encryption, TPM, Trusted Platform Module, Windows 10

Post navigation

Previous Post: Editions of MSSQL Server: What are the differences between various Editions of Microsoft SQL Server
Next Post: How to perform vulnerability scan on Microsoft SQL Server

Related Posts

  • Slide1 1
    Enable or disable Secure Boot in Windows via UEFI Firmware Settings Windows
  • fast user switching in windows 10 2
    To enable or disable fast User Switching in Windows 10 Windows
  • screenshot 2020 03 13 at 20.24.17
    How to view installed packages in Cygwin Windows
  • image 16
    How to Fix Windows Error 0x80070057 Windows
  • KIOSK AssignedAccess
    How to set up a Single App Kiosk Mode Configuration using a Local Account / MDM Bridge WMI Provider Windows
  • windows 7 stuck at loading screen thumbnail
    Disable the Windows welcome screen and shutdown screen Windows

More Related Articles

Slide1 1 Enable or disable Secure Boot in Windows via UEFI Firmware Settings Windows
fast user switching in windows 10 2 To enable or disable fast User Switching in Windows 10 Windows
screenshot 2020 03 13 at 20.24.17 How to view installed packages in Cygwin Windows
image 16 How to Fix Windows Error 0x80070057 Windows
KIOSK AssignedAccess How to set up a Single App Kiosk Mode Configuration using a Local Account / MDM Bridge WMI Provider Windows
windows 7 stuck at loading screen thumbnail Disable the Windows welcome screen and shutdown screen Windows

Leave a Reply Cancel reply

You must be logged in to post a comment.

Microsoft MVP

VEEAMLEGEND

vexpert-badge-stars-5

Virtual Background

GoogleNews

Categories

veeaam100

Veeam Vanguard

  • screenshot 2017 06 07 11.30.45
    How to Enable or Disable Touch Screen in Windows 10 Windows
  • upgrading Veeam BAckup and Replication to v13
    Upgrade Path and In-Place Upgrade for VBR v13 and Known Fixes Backup
  • Best Disk Partition Manager for Mac
    How to extend System Drive Partition on Windows Windows
  • HyperV
    Unable to PXE boot a HyperV VM: F12 key does not work anymore Virtualization
  • linux tux minimalism 4k 42 2560x1700 1 1
    Warning useradd: the home directory already exists. Not copying any file from skel director into it Linux
  • VMware vCenter Standalone
    Fix VMware vCenter converter standalone started but not running Virtualization
  • web application architecture main
    Request timed out and Destination Host Unreachable, Transit Failed, General Failure Windows
  • AppLocker
    Fix unable to start the Application Identity Service Windows

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,785 other subscribers
  • RSS - Posts
  • RSS - Comments
  • About
  • Authors
  • Write for us
  • Advertise with us
  • General Terms and Conditions
  • Privacy policy
  • Feedly
  • Telegram
  • Youtube
  • Facebook
  • Instagram
  • LinkedIn
  • Tumblr
  • Pinterest
  • Twitter
  • mastodon

Tags

Active Directory Azure Bitlocker Microsoft Windows PowerShell WDS Windows 10 Windows 11 Windows Deployment Services Windows Server 2016

Copyright © 2025 TechDirectArchive

Loading Comments...

You must be logged in to post a comment.