Fix the BitLocker issue: “This Device Can’t Use a Trusted Platform Module”
I often tried to turn on the BitLocker on an old Windows 10 PC at home and always receive an error notification. That I found would be too cryptic to anyone who is not a PC geek. In this tutorial you will learn the way to Fix the BitLocker issue: “This Device Can’t Use a Trusted Platform Module” Here is that notification:
This device can't use a Trusted Platform Module. Your administrator must select the "Allow BitLocker without a compatible TPM" option in the "Require additional authentication at startup" policy for OS volumes.
However, most people will just cancel the operation and ignore/forget about the complete thing with a message like that. But unluckily Microsoft never creates these types of error messages clear and simple to understand. So let’s break it down.
Trusted Platform Module (TPM)
This is literally a chip that is on recent processors that have extra security features. Similarly, when BitLocker uses TPM, so then it stores the encryption key on the chip itself. Whether you don’t have a chip that helps the TPM. Next you you are also able to still use BitLocker. But you will have to store the encryption key on a USB stick.
So what’s all the thing about choosing the X and Y policy for OS volumes? Literally, it is a policy setting that has to be turned. That will permit BitLocker in order to work without the TPM requirement.
However, the fix is direst, so you have to just abide by the tips and then don’t make any other conversions.
- Head to the group policy editor by pressing the Windows Key + R. OR by tapping on Start in Windows 10 and typing in Run. Now in the Run dialog box, you must have to go ahead and there must type in gpedit.msc and press Enter.
However, here you have to expand to the following section under group policy:
Computer Configuration - Administrative Templates - Windows Components - BitLocker Drive Encryption - Operating System Drives
- Similarly, guys here on the right-hand side, you will view an option named as the Require additional authentication at startup. So you just have to go ahead and double-click on that option.
- By default, it is set to Not Configured, thus you will have to just simply tap on the Enabled radio button. It should check then the Allow BitLocker without a compatible TPM box, but whether not, so you have to confirm in order to check it.
- In this step, you have to tap OK and then close out the group policy. Now you have to go back to the BitLocker screen and tap the Turn on BitLocker link.
- Rather than receiving an error notification, here you should view the BitLocker setup screen. Simply when you tap the Next, then it will start setting up your hard drive for BitLocker.
Related Article: You Require Permission from the TrustedInstaller in Windows 7/8/10
Fix the BitLocker issue: “This Device Can’t Use a Trusted Platform Module”-Conclusion
Once more, there is no real safety loss/disadvantage of using BitLocker without a TPM. So it is just that the encryption key has to be stored on a USB drive rather than being stored on the chip itself. And whether you are still facing issues enabling BitLocker on Windows 8 or Windows 10, post a comment and let us know. Enjoy!