Latest version from Windows is finally hereHowever, there is a tantalizing new requirement if you want to upgrade from Windows 10: Your PC will need to enable a security feature called TPM. You may not have heard of it yet, but your device may already have it installed – it may be disabled by default. If you’re having trouble upgrading a compatible device in another way, one small switch may be to blame.
What is TPM and Secure Boot?
Microsoft Windows 11 System Requirements mentions a new requirement that did not exist in previous versions of the operating system: the Trusted Platform Module (TPM). More specifically, it requires TPM 2.0, which was first released in 2014.
Sometimes a TPM is a chip built directly into your device’s hardware, or – more commonly for consumer PCs – a type of firmware supported by the processor. TPMs are tamper-resistant, making it extremely difficult for anyone to steal any of the data they store or the encryption keys they generate.
The reliability and security of this chip constitute what is referred to as “Root of trust in hardware. Essentially, a TPM is an item your system can always trust to be secure, like a fireproof lock box in your home where you store important documents. This enables security features that can help protect your computer like Encrypt your storage drives or Using login information such as fingerprints or facial recognition. This is only possible because there is a secure place on your computer to store encryption keys or biometric data that would not be secure.
One of the many features that TPM enhances is Secure Boot. This feature prevents malware from running when your computer starts by allowing only programs that are cryptographically signed to run when you start them (although you can turn them off If you need to).
Why is it required for Windows 11
Despite all the confusion about this new requirement, it is not actually the case who – which the new. Microsoft pre-ordered TPM 2.0 in new PCs Since 2016 You are running any version of Windows 10 desktop. If you bought a Windows 10 device from a store in the past several years, there’s a good chance you’re already covered and that you can install Windows 11 now. Just head to Settings > Windows Update > Check for updates.
However, this still leaves a large number of PCs on the market. custom computersFor example, motherboards and processors that do not have a TPM or do not enable it by default can be used. Many Windows devices are protected, but some are not, which makes it difficult to consistently deploy security features.
A prime example of this is Microsoft’s attempts to terminate Passwords for Microsoft accounts completely. passwords are, Paradoxically, are difficult for humans to remember and often easy for attackers to bypass. The company has pushed alternatives to passwords that use authenticators on your phone, biometric data or even a PIN that — if stored in a TPM — can be more secure than a password and easier to use.
While some of these features are possible on non-TPM devices, it is much safer if you have one. Requiring a TPM on all Windows 11 devices allows Microsoft to set a security floor. The downside is that it may leave some people with capable computers. For Microsoft, this is a trade-off worth making.
How to turn on TPM and secure boot
Leaving old PCs behind when a new version of Windows is released is nothing new, but this specific requirement has left many people confused as some PCs Should Be able to run Windows 11 well they are supposedly incompatible.
This is partly because older versions of PC Health Check, a downloadable Microsoft tool that tells you if your devices are eligible for an upgrade, simply missed if the TPM isn’t enabled on your device. Fortunately, the latest version It will tell you if the TPM is the problem. You might encounter this problem if you built your own computer or got someone else to do it for you. Many motherboards Compatible with TPMBut some gaming motherboards have skimped on the feature in favor of other bells and whistles.