
The Trusted Platform Module (TPM) was designed to provide hardware-based, security-related functions. It is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM. Kindly refer to some of these related guides: How to clear, enable or disable TPM in Windows via the BIOS or UEFI, BitLocker Back Door:TPM Only: From stolen laptop to inside the company network, how to fix your device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM, This device cannot use a Trusted Platform Module, allow BitLocker without a compatible TPM when turning on Bitlocker and how to enable Bitlocker Pre-Boot Authentication via the Group Policy.
Also, it is worth noting that, these features; Windows Hello, Fingerprint verification, and critical biometric data store their information on the TPM module. These information can not be stored somewhere else, otherwise, there will be consequences. Here are some related guides you may be interested in.
- Why does Microsoft require additional system requirements? How to check if you have Secure Boot and TPM enabled, and
- what is Measured Boot, Secure Boot, Trusted Boot, and Early Launch Anti-Malware: How to secure the Windows 10 boot process.
As you can see from the error message below, you do not have sufficient right to open the Trusted Platform Module Console.
Solution: Ensure you run the TPM Management console as an Administrator.
– Note: You will be required (prompted) to enter your administrative password. If you were an Administrator on the device, the requirement will not be needed.
Note: If you are an administrator of the device, you will not be having this issue in the first place.
As you can see below, we are able to access the TPM module with administrative rights. If you wish to do this in a domain environment, you should ask your system administrators to grant you the necessary rights to administer the device (TPM).
Note: If you have not enabled TPM on your device, boot into BIOS or UEFI. Navigate to the security section and Enable it. Ensure your device is restarted afterward. Here is an article describing the process “How to clear, enable or disable TPM in Windows via the BIOS or UEFI“.
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.