Hidden among the Windows 11 announcement today was a very odd, or at least surprising, system requirement. For Windows 11, all systems will need a TPM 2.0 chip.
What the heck is a TPM chip? TPM is short for Trusted Platform Module, and it's primarily known as a means for security in PCs, mostly dedicated to business notebooks and desktops.
- The best laptops right now
- Windows 11 Insider preview available now — here’s how to get it
- Plus: Windows 11 updates are taking cues from macOS — why that’s a good thing
CPU: a 1 GHz or faster dual-core or higher 64-bit processor or System on a Chip
Memory: 4 GB RAM
Storage: 64 GB
TPM: Trusted Platform Module (TPM) version 2.0
Graphics card: DirectX 12 compatible graphics / WDDM 2.x
Display: A greater than 9-inch display of 720p or higher
And this will likely lead many to wonder if they have this chip, because it's not one of the most consumers would ever see or consider when customizing a laptop online, especially if they're making a gaming system.
Editor's note: This story about Windows 11's TPM requirement has been updated after Microsoft announced it will be temporarily taking down the PC Health Check app. We've also added comment from a Microsoft spokesperson, as well as notes from a Microsoft's blog post on the matter.
A Microsoft spokesperson told Tom's Guide, via email that "devices to meet the requirements for Windows 11, they will need to have a TPM. TPM support is included directly in CPUs from AMD, Qualcomm and Intel which can be found on the Windows 11 compatibility list.
They followed that with the frustrating note that "If devices in market meet the TPM requirements they can upgrade to Windows 11, if not they will need a new device." That said, we've heard that some TPMs may need to be enabled in the BIOS, so reach out to your PC's manufacturer for help before you buy a new system.
On June 25, the day after Windows 11 was revealed, David Weston (Director of Enterprise and OS Security at Microsoft) published a blog on Microsoft.com, explaining the need for TPM 2.0 chips.
Weston framed the need for such chips a security concern, writing "it’s been rare to get through a day without reading an account of a new cybersecurity threat." He then referenced an internal report that found "83 percent of businesses experienced a firmware attack, and only 29 percent are allocating resources to protect this critical layer."
And while you may not run a business off your laptop, Microsoft is arguing that everyone should be protected against such attacks. "TPM 2.0," Weston writes, "is a critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data. In addition, for many enterprise customers, TPMs help facilitate Zero Trust security by providing a secure element for attesting to the health of devices."
Even if you do have a TPM in your laptop, you might be surprised to know that it's there. I was personally shocked to find out that the PC I've been streaming on Twitch with, the excellent Acer ConceptD 7 Ezel, does have a TPM 2.0 chip and can in fact run Windows 11.
How did I find out? I certainly did not look it up inside my system, though you can if you know how. I chose not to, because Microsoft is offering a way to see if your PC supports Windows 11, and that's how I wanted to confirm my compatibility.
That said, a quick look at the update's other major system requirements (a 64-bit dual-core processor of 1 GHz or faster, 4GB of RAM and a 64GB storage device) would let me know that my machine qualified — and so the shorter version would be good enough for me.
That said, as I'll explain below, there are steps to take if it looks like your system doesn't have a TPM, it may just need to be enabled.
How to find out if your PC has TPM 2.0 for Windows 11
As Microsoft announced it will be temporarily taking the PC Health Check app down, there's only one great way (at the moment) to see if your PC has a TPM chip.
1. Click Windows + R
2. Type in 'tpm.msc' and click OK or hit Enter.
3. Look for confirmation or a "Compatible TPM cannot be found" error.
4. If you get the latter, you may still have a TPM chip, but it may need to be enabled. Contact your system's manufacturer for more details about how to turn it on in the BIOS — we can't give advice here, as all systems are different.
The below instructions are based on using the PC Health Check app, which Microsoft announced on June 28 it is removing temporarily. The following instructions will likely still apply when it comes back, but note that Microsoft is the only place you should download it from.
1. Download, open and install the PC Health Check app.
3. Make sure the "Open Windows PC Health Check" box is checked and click Finish.
4. Click Check now under Windows 11.
5. The app will confirm or deny your support.
Congrats, now you know if you have a TPM!
If you don't have one, well, there's good news and bad news.
There's a chance you may still have a TPM chip, but it just needs to be enabled. Reach out to the company that made your computer to ask about how your system's TPM can be enabled in the BIOS, a system that varies so greatly that we can't give advice here.
You can buy a TPM off Amazon , but you'd need to figure out which TPMs (if any) your system supports, and that's a whole hassle into an of itself. Plus, installing it requires access to your motherboard, which isn't exactly easy on most laptops. And installing it isn't that easy either. Good luck, dear readers!
What is a TPM good for?
If you're curious, the TPM uses both software and hardware to store and protect important passwords and/or encryption keys. Plus, if a TPM chip detects something wrong in your system, it can run a quarantine mode to try and fix the problem.
It's basically a line of defense your system has against attacks, and a important part of why Microsoft believes that Windows 11 is super-secure.