[SOLVED] How to buy a TPM

leonsk29

Commendable
Jul 3, 2020
25
0
1,540
I have a Gigabyte B75M-D3H. It has a 20-pin TPM header, but it didn't come with one included.

My question is: can I go out and buy ANY 20-pin TPM, or does it need to be from the same brand, the version can be 1.2 or 2.0? The manual doesn't say anything about the TPM specs required. Thanks in advance.
 
Solution
I wouldn't be so confident this will go away as Microsoft has been saying systems need to be compliant for TPM 2.0 for a while...since 2016 I've read. It would be helpful to know why they are making it a requirement to install the OS though; perhaps to store more OS credentials beyond just Bitlocker codes.

Both AMD and Intel (since 2013) have a firmware-based form of TPM (fTPM) that doesn't require a separate module. On Intel systems look for a BIOS setting that's called PTT or Platform Trust Technology. Although, I've read that some boards don't expose the setting in BIOS since the mfr. consider it a premium feature. Hopefully they do in an update so go looking for one.

On Windows10 you can verify your TPM by typing Device...

USAFRet

Titan
Moderator
I have a Gigabyte B75M-D3H. It has a 20-pin TPM header, but it didn't come with one included.

My question is: can I go out and buy ANY 20-pin TPM, or does it need to be from the same brand, the version can be 1.2 or 2.0? The manual doesn't say anything about the TPM specs required. Thanks in advance.
This is for Win 11?

Patience.
I'm predicting that TPM thing will NOT be required for the eventual final release.

(I could be wrong, but I don't think so)
 

punkncat

Champion
Ambassador
I have a Gigabyte B75M-D3H. It has a 20-pin TPM header, but it didn't come with one included.

My question is: can I go out and buy ANY 20-pin TPM, or does it need to be from the same brand, the version can be 1.2 or 2.0? The manual doesn't say anything about the TPM specs required. Thanks in advance.


My Z590 motherboard didn't (apparently) come with one either. There is a header for it and a frustrating lack of detail about what will work there. My manual even tells me to refer to a document about the module that doesn't seem to exist in their database.

My hope is that what @USAFRet turns out to be the case. It only makes sense.
 
I wouldn't be so confident this will go away as Microsoft has been saying systems need to be compliant for TPM 2.0 for a while...since 2016 I've read. It would be helpful to know why they are making it a requirement to install the OS though; perhaps to store more OS credentials beyond just Bitlocker codes.

Both AMD and Intel (since 2013) have a firmware-based form of TPM (fTPM) that doesn't require a separate module. On Intel systems look for a BIOS setting that's called PTT or Platform Trust Technology. Although, I've read that some boards don't expose the setting in BIOS since the mfr. consider it a premium feature. Hopefully they do in an update so go looking for one.

On Windows10 you can verify your TPM by typing Device Security in Cortana search box. Look for the Security Processor to be enabled and working.
 
Last edited:
Solution
Some are speculating that the TPM requirement will only be for OEM systems (Dell, HP, etc.). I agree that it will most likely NOT be required for custom builders.
I can see why a separable TPM module would be very useful for managed systems, such as Dell and HP sell. In a large company, with hundreds of identical systems deployed, just pull the bitlocker secured drive and TPM module and put both in a new system and get the user back up and running fast with no data loss.

But if all systems have had an fTPM built-in since 2013 or so I see no reason Microsoft shouldn't continue to enhance even home users' security by utilizing it with a new OS. That's why I'm not so sure the requirement will go away.
 

USAFRet

Titan
Moderator
I wouldn't be so confident this will go away as Microsoft has been saying systems need to be compliant for TPM 2.0 for a while...since 2016 I've read. It would be helpful to know why they are making it a requirement to install the OS though; perhaps to store more OS credentials beyond just Bitlocker codes.

Both AMD and Intel (since 2013) have a firmware-based form of TPM (fTPM) that doesn't require a separate module. On Intel systems look for a BIOS setting that's called PTT or Platform Trust Technology. Although, I've read that some boards don't expose the setting in BIOS since the mfr. consider it a premium feature. Hopefully they do in an update so go looking for one.

On Windows10 you can verify your TPM by typing Device Security in Cortana search box. Look for the Security Processor to be enabled and working.
And then we add in COVID complications.
A LOT of people did not or could not update/buy new in the last 18 months, due to price and parts availability.
Myself included.

Requiring this is going to leave a LOT of users and systems out in the cold.
 
I think fTPM is AMD's version of the BIOS/software TPM (IPTT is Intel's). We don't even know if this would be acceptable to Windows 11 as it's definitely NOT the same thing as having a TPM 2.0 module.
I still don't think it will be required for custom builds but we'll see. ;)
 
I think fTPM is AMD's version of the BIOS/software TPM (IPTT is Intel's). We don't even know if this would be acceptable to Windows 11 as it's definitely NOT the same thing as having a TPM 2.0 module.
I still don't think it will be required for custom builds but we'll see. ;)

I can't speak for Intel's rendition of TPM 2.0 in the form of 'PTT' as I've an AMD board, but AMD's fTPM is perfectly compliant...at least as far as Microsoft is concerned. It's fully recognized and accepted in Win10, at least, as I'm informed by the Device Security info screen, et.al. And of course, I'm as much in the dark as anyone else about whatever Win11 will require but I'm confident there will be a lot of good info in the coming days to absorb and cogitate over.
 
  • Like
Reactions: alceryes
Jun 25, 2021
3
1
10
I wouldn't be so confident this will go away as Microsoft has been saying systems need to be compliant for TPM 2.0 for a while...since 2016 I've read. It would be helpful to know why they are making it a requirement to install the OS though; perhaps to store more OS credentials beyond just Bitlocker codes.

Both AMD and Intel (since 2013) have a firmware-based form of TPM (fTPM) that doesn't require a separate module. On Intel systems look for a BIOS setting that's called PTT or Platform Trust Technology. Although, I've read that some boards don't expose the setting in BIOS since the mfr. consider it a premium feature. Hopefully they do in an update so go looking for one.

On Windows10 you can verify your TPM by typing Device Security in Cortana search box. Look for the Security Processor to be enabled and working.


On my ASUS Maximus xiii, I need to enable PTT, VT-d, Enable IOMMU during boot - all of those are under the Advanced tab, but different sub-tabs; Safe Boot - setting Windows and "Standard" mode under the Boot tab and enable VMX under the CPU tab for Windows to say the system meets standard security. Enabling PTT will bring up another sub-tab under Advanced on the next boot-up that has trusted computing options - I believe I needed to enable TPM2 under that tab also, but you can't do it when you first enable PTT.
 
On my ASUS Maximus xiii, I need to enable PTT, VT-d, Enable IOMMU during boot - all of those are under the Advanced tab, but different sub-tabs; Safe Boot - setting Windows and "Standard" mode under the Boot tab and enable VMX under the CPU tab for Windows to say the system meets standard security. Enabling PTT will bring up another sub-tab under Advanced on the next boot-up that has trusted computing options - I believe I needed to enable TPM2 under that tab also, but you can't do it when you first enable PTT.

I can see this roll-out is going to frustrate a huge number of would-be eager upgraders. Even if they have the necessary hardware just getting it all enabled can be near-on impossible for many of them.

As far as OP's titular question goes:

https://www.tomshardware.com/news/tpm-modules-unobtainable-expensive-windows-11