The TPM Chip, also known as the Trusted Platform Module is a hardware security module on your motherboard, designed by the Trusted Computing Group Consortium. is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM. Kindly refer to the following TPM-related guides: How to upgrade Windows 10 with an unsupported CPU and TPM 1.0 to Windows 11, How to Install Windows 11 in Oracle VirtualBox with no TPM Support, How to delegate permissions for backing up TPM password, How to clear the TPM via the management console or Windows Defender Center App.
Kindly refer to these related guides: How to determine if TPM is present and how to enable TPM in the BIOS via the Command Prompt, How to delegate permissions for backing up TPM password, and how to fix your device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM.The image below is from the MBAM reports stating te device isn’t compliant and the reason for it.
On MBAM reports, the following status may be displayed “unable to find compatible TPM”. This error was prompted because TPM wasn’t enabled in the BIOS or the device does not have a compatible TPM
To resolve this issue, it is actually very simple. You will need to enable the TPM in the BIOS. Below are some guides on TPM that will help you learn more about this utility: How to determine if TPM is present and how to enable TPM in the BIOS via the Command Prompt,
To enable TPM (Trusted Platform Module), follow the steps discussed below; Kindly refer to this guide for more information “how to clear, enable or disable TPM in Windows via the BIOS or UEFI“, and “How to clear the TPM via the management console or Windows Defender Center App“.
- Boot computer using F2 into the BIOS setup mode
- Locate the “Security” option on the left and expand
- Locate the “TPM” option nested under the “Security” setting
- To enable the TPM settings you must check the box saying: “TPM Security” to enable the TPM hard drive security encryption
- Ensure the “Activate” radio button is turned on in order to ensure the TPM option works
- If the TPM is ‘Deactivated’, or the TPM Security is not enabled the drive will not encrypt until those settings are made
- TPM changes sometimes need to be verified by restarting after they are applied.
When the TPM has been enabled in the BIOS, there are numerous ways to determine this. You can check this via the following basic steps “Device Manager, and the TPM Management snap-in (
tpm.msc), or via the Windows Settings”. Kindly take a look at this guide for other steps to determine if TPM is present on your device: How to check if you have Secure Boot and TPM enabled.
As you can see below, the device has been encrypted and the MBAMagent can now proceed and have the drive encrypted.
Below is the result of a successfully encrypted device.
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.