How to Backup TPM Keys in a Couple of Easy Steps

Backing up TPM keys is no longer possible on Windows

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • In the past, it was possible to back up TPM to Active Directory by making few changes to Group Policy.
  • This isn't the case, but you can still back up your BitLocker keys, so you won't be locked out.

Many users are wondering how to perform a TPM backup on their PC to ensure that their data doesn’t remain encrypted and inaccessible to them.

Microsoft has made some changes in this regard, so backing up your keys might not be as simple as it previously was.

Where is my TPM key?

The TPM has a master wrapping key stored on the TPM chip itself. The wrapping key protects all other keys on the TPM chip.

Is the BitLocker key stored in TPM?

Yes, the BitLocker key used for encryption is stored in the TPM chip so that your drive can be fully protected from tampering.

How do I back up my TPM key in Windows 11?

Adjust the Group Policy settings

  1. Press the Windows + R keys to open the Run command.
  2. Type gpedit.msc in the dialog box and press Enter to open the Group Policy Editor.GPEDIT
  3. In the left pane, navigate to Computer Configuration\Policies\Administrative Templates\Windows Components\Bitlocker Drive Encryption
  4. In the right pane, double-click the Store Bitlocker Recovery information in Active Directory Domain Services.
     
  5. Set it to Enabled and click on Apply and OK.

TPM backup is no longer available in Windows in order to ensure the safety of the device. However, this feature was used for backing up BitLocker keys primarily, and this is still possible with steps from above.

Does clearing TPM erase data?

Yes, clearing TPM will erase data protected by TPM. This includes the following:

  • Created keys related to the TPM, including the BitLocker recovery key.
  • Your sign-in PIN.

Therefore, backing up your Bitlocker recovery key is essential if you plan to clear the TPM.

To learn how to reset TPM, we have a great guide on how to clear the TPM keys.

And that’s how to back up your TPM keys in Windows 11. The same procedure also applies to Windows 10. Don’t forget to check out our article on what to do if your TPM device is not detected.

In case you’re in the market for a new TPM 2.0 chip, we have curated a list with detailed specs and price points to help you get started.

Let us know of any issues you may encounter while backing up the TPM keys in the comment section below.

User forum

0 messages