Open In App

How to Enable TPM and Secure Boot in BIOS for Windows 11

Last Updated : 23 Jul, 2025
Comments
Improve
Suggest changes
Like Article
Like
Report

Windows 11 and Windows 10 have certain system requirements to enhance security which includes the need for TPM i.e. Trusted Platform Module and Secure Boot. These two features ensure that your system runs smoothly and securely. If your PC does not have them enabled in your Windows 11 PC, then you can enable it manually by following a few steps.

How-to-enable-TPM-and-Secure-Boot-in-BIOS-for-Windows-11
How to Enable TPM and Secure Boot in BIOS for Windows 11

In addition to this, we're going to discuss the steps to enable TPM and Secure Boot on your Windows 10 and Windows 11 systems.

What is TPM and Secure Boot

Before we jump into the step to enable TPM and Secure Boot, let's understand what they are and what their importance is in Windows 10 and Windows 11.

TPM (Trusted Stage Module)

TPM is a hardware-based security arrangement coordinated into advanced frameworks. It gives secure capacity for cryptographic keys, passwords, and certificates, making it significant for highlights like BitLocker encryption and Windows Hello.

Why is it required for Windows 10 or Windows 11?

Windows 10 and Windows 11 both require TPM 2.0 to enable full encryption in their functionality to protect from any security threats.

Secure Boot

Secure Boot is a highlight that guarantees your computer boots are utilized as if they were a trusted program. It prevents pernicious computer programs, such as rootkits or rootkits, from stacking amid the startup process.

Why Secure Boot is require for Windows 10 and Windows 11?

This ensures that your system is enabling only trusted, signed software and this barricade provides shield against any suspicious threats or malware to the PC.

How to Check TPM and Secure Boot Status in Windows 11

Before you empower these highlights, check whether TPM and Secure Boot are as of now empowered on your system.

1. Check TPM

Below are the steps to check the current status of TPM so that you can enable it if it's not.

  • Press Windows + R to open the Run dialog.
  • Type tpm. msc and press Enter.
TPM-and-Secure-Boot-in-BIOS-for-Windows-11
Win + R
  • In the TPM Administration window, see beneath "Status." If it says “The TPM is prepared for use,” you are great to go. Something else, take after the steps underneath to empower it.
TPM-and-Secure-Boot-in-BIOS-for-Windows-11--2
TPM Administration window

2. Check Secure Boot

Likewise TPM, you also need to ensure that your system has secure boot enabled to protect against many malware. Here's how you can do it:

  • Press Windows + R, sort msinfo32, and press Enter.
  • In the Framework Data window, see "Secure Boot State." If it says “On,” Secure Boot is as of now enabled.
msinfo32
msinfo32

Steps to Enable TPM & Secure Boot in BIOS for Windows 10 and Windows 11

Step 1: BIOS/UEFI Settings

Before you can enable TPM and Secure Boot, you need to access your computer's BIOS or UEFI settings. This is typically done during the boot process:

  • Restart your PC.
  • As your PC starts up, press the designated key to enter the BIOS/UEFI settings. This key is usually displayed on the screen during boot, often as one of the following:
    • Delete or Del (Common for many desktops)
    • F2 or Esc (Common for laptops)
  • If you are unsure of the key, check your computer's manual or the manufacturer’s website.

What to do if you can't access BIOS?

  • Check your manufacturer’s website for the correct BIOS access key.
  • If you’re using Windows 10 or Windows 11, you can access UEFI settings by going to:
    • Settings > Update & Security > Recovery > Restart Now > Troubleshoot > Advanced Options > UEFI Firmware Settings.

Step 2: Enable TPM in BIOS

Once you’re inside the BIOS/UEFI settings, follow these steps to enable TPM:

1. Locate the TPM settings

  • The exact location of TPM settings can vary depending on the manufacturer of your motherboard or laptop. Typically, you’ll find it under the Security or Advanced tab.

2. Enable TPM

  • Look for an option called TPM, PTT (Platform Trust Technology), or Security Device. If you see TPM 2.0 or PTT, make sure it is enabled.
  • If TPM is disabled, use the arrow keys to select it and change the setting to Enabled.

3. Save and Exit

  • After enabling TPM, press F10 to save the changes and exit BIOS/UEFI.
  • Your system will reboot.

Step 3: Enable Secure Boot in BIOS

Now that TPM is enabled, you can enable Secure Boot:

1. Find the Secure Boot option

  • Go to the Boot tab or the Security tab, where Secure Boot is usually located.

2. Enable Secure Boot

  • Select the Secure Boot option, and change the setting to Enabled.

3. Save and Exit

  • Press F10 to save the changes and exit BIOS/UEFI. This will reboot you system.

Step 4: Verify TPM and Secure Boot Are Enabled

After your PC reboots, you’ll need to verify that TPM and Secure Boot are enabled:

1. Check TPM

  • Press Win + R to open the Run dialog.
  • Type tpm.msc and press Enter.
  • In the TPM Management on Local Computer window, check the Status. It should say The TPM is ready for use.
tpm02
Check TPM

2. Check Secure Boot

  • Press Win + R and type msinfo32 to open the System Information tool.
  • In the System Summary, look for Secure Boot State.
  • It should say On if Secure Boot is enabled.
msinfo32
msinfo32

Conclusion

Enabling TPM and Secure Boot is essential to ensure that your Windows 10 or Windows 11 is safe and secured. By following the above steps, you can easily enable these features, all need is to make sure that your system is compatible and if encounter any issue, contact the Brand Manufacturer for additional support.


Article Tags :

Similar Reads