Microsoft works closely with hardware manufacturers and industry groups to make it possible to manage most functions of the Trusted Platform Module (TPM) from within TPM Management. However, on some occasions, it may not be possible to control all aspects of your TPM security hardware from Windows. Examples may include:

  • Hardware that does not fully support the TPM 1.2 specification

  • Hardware that does not contain a fully supported BIOS

  • Hardware that has an option to hide the TPM security hardware from the operating system

  • Hardware for which the manufacturer has decided to require that the BIOS screens be used to turn on, turn off, or clear the TPM

In such cases, you may be able to manage your TPM security hardware from the BIOS or setup screens of your computer.

Each manufacturer may use different terminology and have different menus or steps to manage the TPM. For example, rather than being called a "Trusted Platform Module," your manufacturer may refer to the TPM as an "embedded security device" or use a localized or translated name for TPM.

To learn how to enter the BIOS or setup system on your computer and how to perform TPM-related operations, please review the owner's manual, setup guide, or similar documentation provided with your computer. Most manufacturers also make troubleshooting and setup information available online.

When searching for instructions about managing the TPM, you may want to use some of the following search terms: "embedded security," "TPM," "trusted platform," "security module," "security chip," "TCG," "Trusted Computing Group," or these terms with verbs representing the specific action, such as "enable," "turn on," or "turn off." A good resource for learning about how a TPM works is the Trusted Computing Group Trusted Platform Module (TPM) Specifications (https://go.microsoft.com/fwlink/?LinkId=139770).