Share via

Windows 11 TPM 2.0 Support Clarification

Gambo Cheung 0 Reputation points
2025-08-15T01:57:32.7733333+00:00

Requesting clarification on the Trusted Platform Module (TPM) 2.0 requirements for Windows 11. Specifically, the inquiry focuses on options for systems lacking a built-in TPM 2.0 chip.

The following points need clarification:

  1. Does Windows 11 support TPM 2.0 hardware delivered via an external USB dongle or device?
  2. Are any USB-based TPM 2.0 solutions officially recognized or supported by Microsoft for use with Windows 11?
  3. Are there specific models, drivers, or configuration steps required for external TPM 2.0 devices to work with Windows 11 and receive ongoing updates?
  4. Is there a roadmap for future Windows 11 updates to enable support for external TPM 2.0 devices?

This guidance will be invaluable for deployment strategies and hardware planning. Thank you for any assistance provided.

Windows for home | Windows 11 | Windows update

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kimberly Olaño 23,395 Reputation points
    2025-08-15T02:34:56.6033333+00:00

    Hello! Gambo , Kimberly here, and I’m eager to jump in and help you with this.

    1. USB or External TPM Support

    Windows 11 does not support meeting the TPM 2.0 requirement via USB-connected or other external TPM devices.

    Microsoft’s definition of “TPM 2.0” for Windows 11 certification covers only:

    Firmware TPM (fTPM) — e.g., Intel PTT, AMD fTPM.

    Discrete TPM modules (dTPM) installed on the motherboard header.

    Integrated security processors like Microsoft Pluton.

    2. Officially Recognized USB TPM Solutions

    No USB-based TPM 2.0 solutions are officially recognized or listed by Microsoft as compatible for Windows 11 upgrades or device certification.

    3. Supported Configurations & Setup

    To be supported and receive full Windows Update servicing:

    Enable firmware TPM in BIOS/UEFI (Intel PTT or AMD fTPM).

    If available, install a compatible discrete TPM 2.0 module in the motherboard’s TPM header.

    Use UEFI mode with Secure Boot enabled.

    Let Windows auto-provision the TPM and verify via tpm.msc or Windows Security → Device security.

    Windows includes TPM 2.0 drivers; no manual driver installation is typically required.

    4. Roadmap for External TPM Support

    Microsoft has no published plans to add support for USB or other external TPM 2.0 devices in future Windows 11 updates.

    Enforcement of TPM 2.0 requirements has been strengthened in recent releases, not relaxed.

    5. Practical Options if TPM 2.0 Is Missing

    Check and enable fTPM/PTT in BIOS (often disabled by default).

    Add a motherboard-vendor compatible discrete TPM module.

    If neither is possible, replacing hardware is the only fully supported upgrade path.

    Workarounds exist to bypass TPM checks, but they are unsupported and may be blocked by future updates.

    Should you have more questions, please let me know.

    Best regards,

    Kimberly

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.