If you have a new PC, it most certainly has a TPM chip installed on the motherboard. If this is the case, you can enable TPM in BIOS to meet the minimum system requirements for installing Windows 11. In this guide, you’re going to learn how to enable TPM 2.0 on Dell laptops from BIOS.
Meanwhile, You may easily enable TPM 2.0 in BIOS if you wish to install Windows 11 on your machine and the Microsoft PC Health Check App says your device can’t run Windows 11, even though it satisfies the criteria.
What You Will Learn Here:
How to Check if Your Dell Has TPM Chip for a Windows 11 Upgrade
The TPM chip interacts with various security mechanisms on a PC. To grant users access, all devices, whether a fingerprint reader or Windows Hello face recognition, must communicate with the TPM.
- Press Windows key + R to open Run.
tpm.mscand then press enter.
- When the TMP Management window appears, you will be able to check whether or not the TPM is present on your device. These are the requirements to check for and MUST be present in order to enable device encryption.
If the TPM is not discovered or disabled in the BIOS or UEFI, this message will appear under Status: Compatible TPM cannot be found.
How to Enable TPM 2.0 on Dell Laptops From BIOS
Here’s how to activate TPM 2.0 from BIOS on Dell laptops:
Note: This method works on Dell Latitude, OptiPlex, Precision, Vostro, and XPS.
Some Dell systems do not include a TPM (Trusted Platform Module) module, instead of relying on PTT (Platform Trust Technology). PTT is a less expensive alternative to the TPM that performs the same functions. There isn’t much of a distinction between TPM and PTT in terms of how they interact with bit locker from an OS standpoint.
Press the F2 key to go directly to Dell BIOS.
Select Security from the left-hand side pane and then turn on Intel Platform Trust Technology On under the Intel Platform Trust Technology menu.
Once, you have enabled both PTT and Secure Boot, click EXIT on the bottom right-hand corner.
If you’re prompted that Do you want to save changes? Simply, Select Yes.
What Exactly is a TPM, and How Does it Work?
There are two types of security: software security and hardware security. When done correctly, software security is an effective way of stopping hackers from infiltrating a system. However, because software is more flexible by nature — its code can be updated — there is always the possibility that a clever hacker or an exploit may be discovered, allowing attackers to access critical information.
However, as the name indicates, hardware security is hardcoded. The cryptographic keys are unchangeable unless the hacker knows exactly what they are in advance.
“PCs of the future require this contemporary hardware root-of-trust to help guard against both common and complex assaults like ransomware, as well as more sophisticated attacks from nation-states,” said David Weston, director of the enterprise and OS security at Microsoft, in a blog post. “By mandating the TPM 2.0, we raise the bar for hardware security by demanding that built-in root-of-trust.”
Furthermore, the TPM chip interacts with various security mechanisms on a PC. To grant users access, all devices, whether a fingerprint reader or Windows Hello face recognition, must communicate with the TPM.
What are the Changes Between TPM 1.2 and TPM 2.0?
- TPM 2.0 is an upgrade over TPM 1.2, and while they are comparable, TPM 2.0 is not compatible with TPM 1.2.
- TPM 1.2 is a one-size-fits-all standard, whereas TPM 2.0 contains platform-specific requirements that specify whether elements of the library are required or optional.
- When it comes to TPM 1.2 algorithms, SHA-1 and RSA are mandatory, but AES is optional. For hashes, TPM 2.0 requires SHA-1 and SHA-256.
- TPM 2.0 employs RSA and ECC with a Barreto-Naehrig 256-bit curve and a NIST P-256 curve for public-key cryptography and asymmetric digital signature creation and verification
- The TPM 2.0 generates symmetric digital signatures utilizing the HMAC and 128-bit AES symmetric-key algorithms.
So, these were the steps to enable TPM 2.0 on Dell laptops from BIOS settings.