“This device can’t use a Trusted Platform Module”, Many of you must have got this error message before. A few days ago I also encountered this error and for a while, I was also shocked that what it is? But then when I went into its depth, I found that this is a common error and like many other errors it can be easily removed. You just need to know what is the correct procedure.
As I said I faced this issue a few days ago, it happened while I was enabling BitLocker in one of my old Windows 10 PC, then suddenly I got an error message “This device can’t use a Trusted Platform Module”. At that time I was completely unaware of this error, and that’s why I tried to know it, and finally, I was able to find a solution. So let’s know what it is, but before going to the procedure first you need to know that what is TPM “Trusted Platform Module”?
What is Trusted Platform Module (TPM)
Trusted Platform Module (TPM), this heavy term is used for a special type of chip that attaches to new processors and comes with some additional security features. In the Windows system, Bitlocker uses Trusted Platform Module TPM, it stores the encryption key on the chip. After that, the second thing that TPM performs is, authenticate your encrypted computer and give you access to all the encrypted data when the device trying to access it is identified as trusted. TPM chip is useful but It is not that if you do not have a chip that supports TPM, you will not be able to use BitLocker, you can use BitLocker even in that case, but then you need to store the encryption key on a USB stick.
Steps to Fix The Error “This device can’t use a Trusted Platform Module”
All we have to do is to make some necessary tampering with the group policy settings, which will allow us to enable BitLocker without TPM chip. Nothing you will find tough in this process, you can do it simply, by just following the steps I shared below.
1.Turn on your Windows PC and press the Windows Key + R to open the “Run” dialog box or you can also open “Run” by clicking on the Start button in Windows 10 and typing in Run.
2. In the Run dialog box, type “gpedit.msc” and press Enter to open the group policy editor settings.
3. After opening the group policy editor, click on the Computer Configuration section from the left-hand panel and then open the following sections step by step
Administrative Templates -> Windows Components -> BitLocker Drive Encryption -> Operating System Drives
4. Now after opening all the sections one by one, in the end, you will get an option called “Require additional authentication at startup” on the right-hand side. Open it by clicking twice on it.
5. In “Require additional authentication at startup” settings box, you will find that by default “Not Configured” is selected there, you’ll have to change it on “Enable” by clicking on the Enabled radio button.
6. After that check the option which says “Allow BitLocker without a compatible TPM” and press “OK”, though it should be checked automatically after the step 5 process but if not then do it by yourself.
7. Now close the group policy editor section and go back to the BitLocker screen and try to enable BitLocker again. I am sure this time you won’t get the error message “This device can’t use a Trusted Platform Module”, and instead of this, you will see the BitLocker setup screen. When you click Next, the installation of BitLocker will be started on your Windows 10 system.
So hopefully, now you know what needs to be done if you get an error message on your PC screen which says “This device can’t use a Trusted Platform Module”. One thing I want to be clear here that, there is no real security loss to using BitLocker without a TPM, it’s just that the encryption key has to be stored on a USB drive instead of being stored on the TPM supported chip. So that’s it, this is the process but still, if there are any questions in your mind regarding this error or enabling BitLocker in your windows system, you can ask us in the comments section.