If Windows 11 doesn’t officially support your PC after running Microsoft’s PC Health Check, you may need to enable TPM and Secure Boot on your PC. This is how.
Windows 11 Requires TPM 2.0 and Secure Boot
Secure Boot and TPM are disabled in UEFI, which is the basic mechanism that allows your operating system to work with your PC hardware, and this is the core of the problem with PC Health Check for some PCs. Even though the name “BIOS” officially refers to an older standard, many people still call UEFI their “BIOS.”
If your PC meets all of the other system requirements after enabling TPM and Secure Boot, it may pass the Windows 11 compatibility check.
How to Enable TPM and Secure Boot in UEFI
You must first shut down your device in order to enable TPM and Secure Boot in your UEFI. When you turn it back on, you’ll have to hit a particular keyboard key or button at precisely the proper time to access your UEFI settings.
Because the exact key you’ll need to press differs by manufacturer, you’ll need to reference your device’s operating manual or conduct a web search for your device name with “bios key” or “UEFI key.” You could get a brief notification on the screen at startup for some motherboards (especially if you built your own PC) indicating you which key to hit to enter BIOS settings.
For example, you can go to the UEFI setup menu on an Acer Spin 3 laptop by turning it on and hitting F2 on the keyboard when you see the “Acer” splash screen.
Once you’re on your UEFI setup page, the steps for enabling Secure Boot and TPM will vary greatly, but in general, seek for “Security” or “Boot” options.
The TPM choices are found under the “Security” tab in this sample Configuration Utility by American Megatrends (your setup will likely look different). Look for the word “TPM” and make sure it’s turned on. If it isn’t enabled, update the settings in your UEFI to enable it.
Similarly, we can discover our Secure Boot settings in our sample UEFI under the “Boot” page. Make sure that the “Secure Boot” option is turned on.
After that, make sure you save any changes you’ve made to your UEFI before exiting the configuration software (typically one of the options is “save and exit”).
Note: If your computer’s UEFI or BIOS settings page does not mention TPM or Secure Boot, your computer may be too old to have these capabilities.
Your computer will restart and Windows will load when you exit. You should be able to pass the test if you run the check again. If you enable these functions and your PC still fails the test, there’s another reason why it’s not compatible with Windows 11.
What Are Secure Boot and TPM Anyway?
Secure Boot is a UEFI feature that allows only signed operating systems to run, which can protect you from malware. You can also check System Information in Settings to discover if your system supports Secure Boot, in addition to checking your BIOS.
TPM (short for “Trusted Platform Module”), on the other hand, aids security by encrypting your data using a particular chip within your machine. The TPM 2.0 chip is necessary to operate Windows 11 on most PCs made after 2016.
Press Windows+R, type tpm.msc, and press Enter to check your TPM chip. You’ll discover information on your PC’s TPM module and its version number under “Specification Version” in the TPM management interface that appears.