Skip to content

TechDirectArchive

Hands-on IT, Cloud, Security, Veeam & DevOps

  • Home
  • About
  • Advertise With US
  • Contact
  • Reviews
  • Toggle search form

This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker

Posted on 04/11/201925/09/2023 IT Expert By IT Expert No Comments on This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker
  1. Home
  2. Windows
  3. This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker
device compatibility

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in cipher block chaining or XTS mode with a 128-bit or 256-bit key. See this guide for information on Full Disk Encryption with PBA / without PBA, UEFI, Secure Boot, BIOS, File and Directory Encryption, and Container Encryption, how to enable FileVault disk encryption on a Mac device, BitLocker Drive Encryption architecture, and implementation scenarios. and the concept of DriveLock with a focus on encryption.

VMs and Desktops that do not support TPM can still use and benefit from BitLocker, and also have their keys saved to Active Directory, Microsoft Azure, or to a USB stick.

BitLocker without TPM

Furthermore, While trying to install Bitlocker Drive Encryption to the C: on my Windows 10 machine. See this guide “how to fix your device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM”.

Trusted Platform Module

The following error was prompted on my Windows 10 Workstation, as shown in the image below.

BitLocker encryption

Let’s review the key term “TPM” and how to resolve this issue.

However, Trusted Platform Module (TPM) – This chip resides on newer processors with additional security features. With TPM, the encryption key is stored on the chip itself.

Note: If your chip does not support TPM, you can still use BitLocker, then you will have to save (store the keys) in a safe location such as Active Directory, Microsft Azure, or on a USB stick, etc. Kindly follow the procedures listed below to resolve this issue.

Nonetheless, To resolve this error, we must configure the local Group Policy settings to “Allow BitLocker without a compatible TPM.” Nevertheless, For more information on Group Policy, please see the following guides “what is Group Policy Object and how can it be launched“, how to analyze group policies applied to a user and computer account, and for a comprehensive list of articles I have written on GPO, please visit the following link.

Launch Group Policy and enable the following exception

- Using your keyboard ''Windows key+R'' or search for "run"
- Type: gpedit.msc then hit "ok" or press "Enter" on your keyboard
- Expand Administrative Templates then Windows Components 
- Bitlocker Drive Encryption then 
- Click Operating System Drives as shown below.

Therefore, Double-click or right-click “Require additional authentication at startup.”

click Edit and select enabled as shown below. 
- Select Enabled and 
- Check the box to allow BitLocker without compatible TPM in the Options section.
Note: Most times this option is selected by default.

The last steps involve enforcing the settings.

From the Start menu
- Type run or Press Windows Key + R to launch the run wizard
- Type cmd as shown below
- gpforce.exe /update and 
- Press Enter. 

That is all ;)

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Rate this post

Thank you for reading this post. Kindly share it with others.

  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Facebook (Opens in new window) Facebook
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Telegram (Opens in new window) Telegram
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Bluesky (Opens in new window) Bluesky
  • Share on Threads (Opens in new window) Threads
  • Share on Nextdoor (Opens in new window) Nextdoor
Windows Tags:Bitlocker, Encryption, Full Disk Encryption, TPM, Trusted Platform Module, Windows 10

Post navigation

Previous Post: Editions of MSSQL Server: What are the differences between various Editions of Microsoft SQL Server
Next Post: How to perform vulnerability scan on Microsoft SQL Server

Related Posts

  • VMware Error Fix
    How to fix “The process cannot access the file because another process has locked a portion of the file” Virtualization
  • App Locker
    Harden your Veeam Backup Server with Microsoft AppLocker Windows
  • HP driver
    Printer Driver Information: How to determine the version and type of a Printer Driver Windows
  • Prevent OS Reinstallation When Switching from Legacy BIOS to UEFI
    Prevent OS Reinstallation: Change from legacy BIOS to UEFI Windows
  • BitRecDelegation
    Delegate control for BitLocker recovery keys in Active Directory Windows
  • Featured image Microsoft diagnostic feedback disabled
    Prevent your PC from sending Diagnostics Feedback off via Windows Settings and Group Policy Windows

More Related Articles

VMware Error Fix How to fix “The process cannot access the file because another process has locked a portion of the file” Virtualization
App Locker Harden your Veeam Backup Server with Microsoft AppLocker Windows
HP driver Printer Driver Information: How to determine the version and type of a Printer Driver Windows
Prevent OS Reinstallation When Switching from Legacy BIOS to UEFI Prevent OS Reinstallation: Change from legacy BIOS to UEFI Windows
BitRecDelegation Delegate control for BitLocker recovery keys in Active Directory Windows
Featured image Microsoft diagnostic feedback disabled Prevent your PC from sending Diagnostics Feedback off via Windows Settings and Group Policy Windows

Leave a Reply Cancel reply

You must be logged in to post a comment.

Microsoft MVP

VEEAMLEGEND

vexpert-badge-stars-5

Virtual Background

GoogleNews

Categories

veeaam100

Veeam Vanguard

  • Watchguard Firewall 180504 100511 1
    WatchGuard Firebox XTM Device Image Backup Network | Monitoring
  • Banner 1
    How to Assign a Public IP to Azure Virtual Machine (VM) AWS/Azure/OpenShift
  • banner 3
    How to Create a React App with Vite Version Control System
  • PXE Boot to Install OS HyperV
    Run Hype-V on Windows 11 and Install Windows OS via PXE Boot Windows
  • powershell
    How to install the Microsoft PSWindowsUpdate module silently Scripts
  • ios microsoft remote desktop app
    Prevent the Saving of RDP Credentials in Windows 10 Windows
  • deactivateandreactivate
    How to deactivate and reactivate a Slack user JIRA|Confluence|Apps
  • screenshot 2020 03 13 at 20.24.17
    How to view installed packages in Cygwin on Windows Windows

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,791 other subscribers
  • RSS - Posts
  • RSS - Comments
  • About
  • Authors
  • Write for us
  • Advertise with us
  • General Terms and Conditions
  • Privacy policy
  • Feedly
  • Telegram
  • Youtube
  • Facebook
  • Instagram
  • LinkedIn
  • Tumblr
  • Pinterest
  • Twitter
  • mastodon

Tags

Active Directory Azure Bitlocker Microsoft Windows PowerShell WDS Windows 10 Windows 11 Windows Deployment Services Windows Server 2016

Copyright © 2025 TechDirectArchive

Loading Comments...

You must be logged in to post a comment.