Why Windows 11 Needs TPM?

Capping off months of speculation, Microsoft unveiled Windows 11 β€” Windows 10’s timely successor β€” on the 24th of June. The operating system is yet to be rolled out the to public or even developers, but a lot has been revealed about the latest Windows OS. 

As per Microsoft, every PC will need to have a TPM chip to install Windows 11. Any PC that fails to meet that particular requirement will have to stay on an older version of Windows OS. Today, we’ll be taking a closer look at this particular required: tell you what TPM is and why Windows 11 demands it. 

Related: Can Windows 11 Run Android Apps?

What does TPM mean?

TPM β€”Trusted Platform Module β€” is a microcontroller that is capable of storing passwords, certificates, encryption keys, and more. Storing the said artifacts allows the microcontroller to verify the platform β€” your PC or laptop. A TPM is a hardware component, of course, and can either be added as an add-on accessory to a supported motherboard or be found as an integrated motherboard accessory.

When you turn on device encryption or Microsoft’s BitLocker encryption, a part of the authentication key is sent to the TPM microcontroller. To decrypt the drive, not only will you need to enter the correct password but also have access to the system with the same TPM unit. A system with TPM provides superior tamper protection for your hard drive, as an attacker would not only need to know the password but also need to unlock it from the same system.

Related: How to Customize the Start Menu on Windows 11

Why Windows 11 requires TPM? 

In this day and age, security is the need of the hour, and Windows was not going to be left behind. As we’ve seen, a PC with TPM is capable of storing a part of the BitLocker or device encryption key to the specialized hardware, instead of storing it only to the drive, which makes a TPM-powered system a lot more tamper-proof. 

Related: How To Enable TPM 2.0 and Secure Boot in BIOS for Windows 11

As a user, you will not have to worry about the complex key as TPM would do all the heavy lifting for you. But an attacker will not have the option of removing the drive from your PC and decrypting it somewhere else. They will need to have access to both the drive and the TPM it was paired with, which a lot trickier than the traditional drive-only security. 

TPM is generally available on all modern motherboards, which means that even a decade-old motherboard should have TPM 1.2 β€” the minimum requirement for Windows 11 β€” and have no problem running the latest version of the Windows OS. 


Posted by

A mediocre engineer hoping to do something extraordinary with his pen (well, keyboard). Loves Pink Floyd, lives football, and is always up for a cup of Americano.