If your device isn't compatible with Windows 11, TPM won't help that much
3 min. read
Updated on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Key notes
- PC owners with unsupported hardware don’t actually need a TPM to clean install Windows 11.
- Most already have TPM 1.2 and can use the registry hack to upgrade to Microsoft’s newest OS.
- For PCs that lack firmware TPM altogether, buying a module won’t solve your biggest problem.
- Your OS will never be secure, as you will not receive any of the security updates whatsoever.
By far the most controversial system requirement that Windows 11 came with was the required TPM 2.0 addition, which apparently a lot of people were missing, making it impossible for them to upgrade, at first.
Many were actually thinking that it was time to go out and buy a module so they can check that requirement box as well.
Unfortunately, it doesn’t really work like that, because either your PC already meets Windows 11’s hardware requirements or you’ve decided to buy new com[atible hardware.
The truth is that many CPUs already include a firmware version of TPM 2.0, which just needs to be enabled in your BIOS settings before you install Windows 11.
Here’s why you shouldn’t buy a TPM for Windows 11
Now let’s talk about PC owners with unsupported hardware, and clarify that they don’t actually need a TPM to clean install Windows 11.
For upgrades from Windows 10, the great majority already have TPM 1.2 and can use the registry hack method to move up to Microsoft’s newest OS.
Even for computers that lack firmware TPM altogether, buying a module won’t solve your biggest problem in dealing with Windows 11.
It’s already known that all systems with unsupported hardware run the risk of being opted out of the inner circle and not receiving any Windows updates at all.
So sure, you can get a physical module to pair with an older CPU, assuming you have a motherboard with a TPM header.
But you won’t stay as secure as supported PCs, however, in the end, you’re winning one battle only to lose another.
Users seeking a physical TPM to keep its primary functions separate from their CPU, because they believe isolating components offer more security are also in for a surprise.
The physical module doesn’t protect against every kind of TPM attack, so you might want to keep that in mind.
Microsoft doesn’t favor a particular kind of TPM for Windows 11. In the TPM recommendations, the company mentions discrete, integrated, and firmware TPM and specifically says Windows uses all compatible modules in the same way.
On the off-chance you do want a physical module to bypass needing your recovery key for an encrypted drive after a CPU upgrade, again, you need to stop.
We say that because having a discrete TPM doesn’t bypass this kind of headache, and you can trigger the need for a recovery key even after motherboard firmware changes.
So the question here is what should people with unsupported hardware do, if not buy a physical TPM for Windows 11?
The best option you have right now is sticking with Windows 10, as you get a hassle-free experience with solid security, and some of the Windows 11 features are still coming to the previous OS as well.
Windows 10 will also get support for another four years, so you have little pressure to upgrade your hardware in the near future.
The bottom line is that if you really want to run Microsoft’s new operating system, your best chance is sourcing a new, compatible machine for it.
All this TPM he said, she said is just wasting everybody’s time and the results are really not that impressive overall.
Were you planning to purchase a Trusted Platform Module just to run Windows 11 on your unsupported machine? Share your experience with us in the comments section below.
