A TPM (Trusted Platform Module) is used to improve the security of your PC.  It's used by services like BitLocker drive encryptionWindows Hello, and others, to securely create and store cryptographic keys, and to confirm that the operating system and firmware on your device are what they're supposed to be, and haven't been tampered with.

Typically, it's a separate chip on the motherboard though the TPM 2.0 standard allows manufacturers like Intel or AMD to build the TPM capability into their chipsets rather than requiring a separate chip.

An illustration of a computer chip

TPM has been around for over 20 years, and has been part of PCs since around 2005. In 2016 TPM version 2.0 - the current version as of this writing - became standard in new PCs.

When you encrypt something to protect it from prying eyes the encryption software takes the piece of data you want to encrypt and combines it with a long, random string of characters to form a new, encrypted, piece of data. The long, random string of characters used by the encryption software is the cryptographic key.

Note: The unencrypted data is called the "plaintext". The encrypted version of that data is called the "ciphertext".

Once it's encrypted, only somebody with the correct cryptographic key can decrypt it and read the original piece of data.

Does my PC already have TPM?

The odds are that your PC does already have TPM, and if it's less than 5 years old you should have TPM 2.0. 

To find out if your Windows 10 PC already has it go to Start > Settings > Update and SecurityWindows Security > Device Security. If you have it, you'll see a Security processor section on the screen.

Security processor details link

Tip: If you don't see the Security processor section it may be that your device has TPM but that the TPM is turned off. To learn how to turn it on see Enable TPM 2.0 on your PC.

The next step is to find out what version of TPM your PC has. Select Security processor details and on the screen that appears you're looking for the Specification version. It should say either "1.2" or "2.0".

Important: Windows 11 requires TPM version 2.0. For more information see Windows 11 System Requirements.

Want to learn more about TPM? See Trusted Platform Module Technology Overview.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×