“TPM device not detected” means your computer can’t find or communicate with its Trusted Platform Module, a security chip responsible for storing encryption keys, passwords, and certificates. This message typically appears during startup, in your BIOS settings, or when trying to upgrade to Windows 11. In most cases, the TPM is physically present but simply turned off in your system’s firmware settings.
What a TPM Actually Does
A TPM is a small chip (or firmware-based equivalent) that handles security tasks your operating system relies on. It stores encryption keys for features like BitLocker drive encryption, manages login credentials, and verifies that your system hasn’t been tampered with since it last booted. Think of it as a secure vault built into your computer’s hardware, one that’s much harder to break into than software-only security.
Windows 11 requires TPM version 2.0. If your TPM is an older 1.2 version, or if Windows can’t see it at all, you’ll hit a wall trying to install or upgrade. The “not detected” error doesn’t necessarily mean the chip is missing or broken. It often means the feature is disabled, misconfigured, or using the wrong driver.
Why Your Computer Can’t Find the TPM
Several things can cause this error, ranging from a simple toggle in your settings to a genuine hardware limitation.
- The TPM is disabled in BIOS/UEFI. This is the most common cause. Many manufacturers ship computers with the TPM turned off by default, especially on older systems or custom-built desktops.
- Your BIOS is set to Legacy mode. TPM 2.0 only works with UEFI firmware in native mode. If your system is running in Legacy or Compatibility Support Module (CSM) mode, Windows won’t detect a TPM 2.0 chip even if one is present. Switching to UEFI mode and enabling Secure Boot resolves this.
- A non-Microsoft TPM driver is installed. Third-party TPM drivers can prevent Windows from loading its own default driver. This is especially common with BitLocker, which may report no TPM is present when the issue is purely a driver conflict.
- The active TPM was switched. Some systems have multiple TPMs (for example, both a firmware TPM in the CPU and a discrete chip on the motherboard). If you toggled between them in your UEFI settings, Windows may lose track of the TPM entirely. Windows doesn’t handle TPM switching well.
- Your system genuinely lacks a TPM. Computers manufactured before mid-2016 may not have any TPM hardware. After July 28, 2016, all new device models were required to include and enable TPM 2.0 by default.
How to Check Your TPM Status
Before changing anything, it’s worth confirming what Windows currently sees. Press the Windows key, type tpm.msc, and hit Enter. This opens the TPM Management console. If a TPM is detected, you’ll see its specification version under “TPM Manufacturer Information.” If the version listed is below 2.0, your system doesn’t meet Windows 11 requirements. If the console says no compatible TPM is found, the module is either disabled or absent.
You can also check through Settings. Go to Settings > Update & Security > Device Security (or Windows Security > Device Security). Look for “Security processor details.” If nothing appears there, Windows isn’t communicating with a TPM.
How to Enable TPM in Your BIOS
If your computer was made after 2016, there’s a good chance the TPM exists but is simply turned off. You’ll need to enter your UEFI firmware settings to enable it. Restart your computer and press the appropriate key during boot (usually Delete, F2, F10, or F12, depending on your manufacturer).
Once inside, the challenge is finding the right setting. Manufacturers use different names for the same thing. On Intel systems, look for “Intel PTT” or “Intel Platform Trust Technology.” On AMD systems, look for “AMD fTPM” or “AMD PSP fTPM.” You might also see it labeled as “Security Device,” “Security Device Support,” or simply “TPM State.” These settings are usually found under a Security, Advanced, or Trusted Computing menu.
Set the option to Enabled, then save and exit. Windows should detect the TPM on the next boot. Run tpm.msc again to confirm it’s now visible and check the version number.
Switching From Legacy BIOS to UEFI Mode
If your system is running in Legacy BIOS mode, enabling the TPM setting alone won’t help. TPM 2.0 requires native UEFI mode. In your firmware settings, look for a Boot Mode or CSM option and set it to UEFI Only, with CSM disabled. You should also enable Secure Boot while you’re there, as it works alongside TPM for full security.
One important caveat: switching from Legacy to UEFI mode can prevent your existing Windows installation from booting if it was set up with the older MBR (Master Boot Record) disk format rather than GPT. Before making this change, verify your drive uses GPT partitioning, or you may need to convert it first. You can check by opening Disk Management, right-clicking your main drive, and looking at the partition style under the Volumes tab.
When a BIOS Update Helps
On some older motherboards, the TPM feature exists in the hardware but wasn’t fully supported until a later BIOS update. Updating your motherboard’s firmware can unlock TPM functionality, improve its stability, or even enable it by default. If you have a board from around 2015 or 2016, this is worth checking on your manufacturer’s support page.
A practical tip: if you plan to both update your BIOS and enable TPM, do the BIOS update first. Some firmware updates revise the TPM version, which resets it. Enabling TPM only after updating saves you from going through the setup process twice. Keep in mind that a BIOS update also resets all your settings to defaults, so you’ll need to re-enter UEFI afterward to enable TPM, adjust boot order, and toggle Secure Boot.
Fixing Driver Conflicts
If your TPM shows up in Device Manager but has a yellow warning icon or shows “This device cannot start (Code 10),” the issue is likely a driver problem rather than a missing chip. This error commonly appears when a non-Microsoft TPM driver is installed, or when the BIOS mode doesn’t match what the TPM expects.
To resolve a driver conflict, open Device Manager, expand “Security devices,” right-click on Trusted Platform Module 2.0, and select “Update driver.” Choose “Search automatically” to let Windows find its own driver. If that doesn’t work, uninstall the device, restart, and let Windows reinstall the default Microsoft TPM driver on its own. For BitLocker users specifically, using the Microsoft-provided TPM driver is essential, as third-party drivers can block BitLocker from recognizing the TPM entirely.
If Your System Has No TPM at All
Desktop computers built before mid-2016, and some budget laptops from that era, may genuinely lack TPM hardware. If tpm.msc shows nothing, your BIOS has no TPM-related settings, and your CPU doesn’t support a firmware-based TPM (Intel PTT was introduced around 2013 with 4th-gen Core processors, AMD fTPM with Ryzen in 2017), then your system doesn’t have one.
For desktops, you can often add a discrete TPM module. These are small boards that plug into a dedicated TPM header on your motherboard. They cost around $15 to $30 and are specific to your motherboard manufacturer, so you’ll need to match the pin layout. Laptops generally don’t have this option, since there’s no accessible header.
Without a TPM 2.0, you won’t be able to run Windows 11 through the standard installation path. You also won’t have hardware-backed BitLocker encryption or certain enterprise security features. For a computer that otherwise works fine, a discrete TPM module is the most straightforward fix.