What is Trusted Platform Module? How to check if you have TPM chip?

Trusted Management Module Management

Have you ever wondered which devices supported Windows Hello, fingerprint verification, and critical biometrics – and where did they store them? Storing this data on your computer or phone can be risky. It's here that TPM or Secure platform module enters the picture. In this article, we will learn about the Trusted Platform Module and learn to check if you have a TPM chip.

What is Trusted Platform Module?

The Trusted Platform Module or TPM is a specialized and dedicated chip that stores cryptographic keys. It acts as endpoint security for the devices that support it.

When someone owns a device, it generates two keys –

  1. Key of approval
  2. Storage root key.

These keys are only accessible at the hardware level. No software can access these keys.

In addition to these keys, there is another key called Certificate ID key or AIK. It protects the hardware against unauthorized changes to firmware and software.

Related: How to clear and update the firmware TPM.

How to check if you have a TPM chip

There are many ways to check the availability of the TPM chip. However, you should know that it needs to be hardware enabled so that the security of security software such as Bitllocker can use it.

  1. Using TPM Management
  2. Enable it in the BIOS or UEFI
  3. Using the Security Node in Device Manager
  4. Using the WMIC command.

1) Open the Trusted Management Module Management

Type tpm.msc in the prompt, and press Enter. It will launch the Trusted Management Management Module.

If that says:

Compatible TPM not found on this computer. Verify that this computer has 1.2 TPM or later and that it is enabled in the BIOS.

or something similar, then you do not have TPM on the computer.

Trusted Management Module

If that says:

The TPM is ready to use

You have it!

2) BIOS or UEFI registration

Restart the computer and boot into the BIOS or UEFI. Look for the security section and see if there is a setting similar to TPM Support, Security Chip, or something else. Enable it and restart the computer after saving the settings.

3) Check with the device manager

check if you have a TPM chip

Use Win + X + M to open the Device Manager. Find if there is a Security Devices node. If so, expand it and TPM with the module number

4) Use WMIC in the command prompt

In a command prompt with elevated privileges, run the command:

wmic /namespace:rootcimv2securitymicrosofttpm path win32_tpm get * /format:textvaluelist.xsl

It will display a list of key-value pairs.

If you see True in the result, it means that TPM is enabled. otherwise you should see No instances available".

We hope the guide was simple and easy to understand for you to determine if the computer is equipped with a TPM chipset.

Leave a Reply