This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 77%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
I had installed a new BIOS update for my computer (my first time) and after i had finished it gave me two options, either I boost TPM with current data or I reset TPM. Resetting TPM means that I lose all the encrypted keys. I'm on Windows 11 Home Edition and found out that it doesn't use BitLocker. Also I don't remember getting any BitLocker keys nor getting one saved to my account. So what does it mean when it says that I lose my Encrypted keys? And do is my Microsoft account used as a key or what?
Hi, I'm Rodrigo and I will help you.
If your drive is not encrypted by BitLocker, you can reset your TPM, this was needed because of the BIOS update.
Resetting TPM will reset your encrypted keys, but since you don't have anything encrypted, it is not an issue.
If you had a BitLocker encrypted drive, your keys are usually stored in your Microsoft Account, so you can restore them easily if needed.
Oh, okay. So if i reset my TPM then i wont have to deal with having to type in a encrypted key?
Device Encryption in Windows 11 works by automatically enabling BitLocker Drive Encryption on devices that meet specific hardware requirements, such as Modern Standby. When you log in with a Microsoft account, the system checks if the hardware is compatible and then activates Device Encryption. The recovery key for the encrypted data is backed up in the Microsoft cloud and can be accessed through your Microsoft account.
When you reset the TPM (Trusted Platform Module), it clears all keys associated with it. This means that any data that was encrypted using those keys will become inaccessible. Essentially, if you reset the TPM, you will lose access to any encrypted data, such as files protected by Device Encryption, as the keys that allow you to decrypt that data will be deleted. This is why it is crucial to ensure that you have backups of any important data before proceeding with a TPM reset.
Since you are on Windows 11 Home Edition and noted that it does not use BitLocker, it is important to understand that Device Encryption still provides a level of protection similar to BitLocker, but it is automatically managed by the operating system without user intervention. Therefore, losing the encrypted keys means losing access to the data protected by Device Encryption as well.
