How to Enable Secure Boot and TPM for Windows 11?
“This PC can’t run Windows 11” is one of the most common errors experienced by most users. For those who want to fix this problem, stay with us till the end to solve the problem.
During the release of Windows 11, Microsoft has made sure in the requirement section that you will need TPM 2.0 and Secure Boot enabled on your system. Since the “This PC can’t run Windows 11” error is experienced by users during the installation of Windows 11, the error stops the installation operation.
Table of Contents
TPM and Secure Boot:
TPM is a chip attached to your motherboard and is used to enhance hardware security. Any system that is created in 2016 or later possesses the TPM chip. The chip works as a security device against firmware.
On other hand, Secure makes sure which operating systems are allowed to be activated on the machine. Like TPM, Secure boot also works to protect your machine from threat as ransomware and invasive malware. However, it also brings restrictions to bring certain changes to your OS.
Both TPM and Secure Boot are present in Intel and AMD systems. If you have the chips, then you can easily enable Secure Boot and TPM for your Windows 11.
Check for TPM and Secure boot on your machine
Before you start the operation on enabling secure boot and TPM, let’s make sure you are having the required chips. Follow these simple steps to check either you have TPM and Secure boot option on your machine.
- First you will need to open Start menu on the bottom left of your screen.
- Now, type run and open the Run (you can also use shortcut key Windows+R).
- In Run, type “tpm.msc” and press Enter.
You will be placed in the System Information of your machine. There you will find BIOS Secure Boot and UEFI features. If you can’t find such features, then you don’t possess the TPM and Secure boot features.
For those who have the features, here is how to enable them.
Related Topic: Check your Systems Compatibility with Windows 11
Enable TPM and Secure Boot from Start Menu
Here we have enabled the TPM and Secure Boot in Windows 10, you can also enable the feature by following these steps:
Go to Start and open Settings.
In Settings you will find Update & Security, click on it and you will be placed to Advanced startup.
Click on Recovery which is right under Advanced startup. Here you will need to click on Restart now.
In Choose an option window, click on Troubleshoot.
Then click on Advanced options, select UEFI Firmware Settings.
“Click on Restart to change the UEFI settings” will appear, click on Restart.
Your system will restart and you will be placed on the Boot menu.
Note: you have to remember that each system has a different UEFI or boot menu. Whereas, in every system, you will find the same feature with a different name.
Now, you will select the Security section, then TPM settings. In TPM settings you will find TPM Device or TPM Security. You will also find PTT or Intel Trusted Platform Technology on Intel machines and AMD fTPM on AMD machines. Enable the feature, save the changes and exit the BIOS.
Related Topic: How to Bypass TPM and Secure Boot?
Enable TPM and Secure Boot from Start Up
Users who want to enable TPM and Secure Boot from startup, follow this method.
Start your machine.
Enter the BIOS by pressing the F2 key on your keyboard. The entry in BIOS can be different in other systems, here are the keys:
- Dell: F2 or F12.
- HP: Esc or F10.
- Acer: F2 or Delete.
- ASUS: F2 or Delete.
- Lenovo: F1 or F2.
- MSI: Delete.
- Toshiba: F2.
- Samsung: F2.
- Surface: Press and hold the volume up button.
Once entered the BIOS settings, go to UEFI Firmware Settings.
Then you will need to enter Security or Authentication.
Go to Secure Boot and enable it.
Save the changes and exit the BIOS.
The system will restart again and congratulation, you have successfully enabled secure boot and TPM for Windows 11.