Share via

I need assitants with tpm i think bitlocker has something to do with with

Carolyn Huggins 20 Reputation points
2026-03-10T21:16:11.1866667+00:00

Hi I'm having issues with Windows updates i have a volume license. The other tech told me so i had to reach out to you all i been trying everything some work for one thing but i have the tpd issue back as og last night and i see the tdm come up when clicking on the link under bitlocker i clicked something else before it popped up and not the box saying that tmp 2.0 is back when i clicked on the tpm last night i cant get into my email after i go in because the 30 day pending for my phone number change appears

Windows for home | Windows 11 | Windows update

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Carl-L 12,565 Reputation points Microsoft External Staff Moderator
    2026-03-14T08:50:18.6633333+00:00

    Hello Carolyn Huggins,

    Welcome to Microsoft Q&A forum.

    Before we proceed, may I have more details of the issue you're having? Based on what I see here, it seems to be a log in issue rather than a TPM issue. If possible, please send me some photos of it, please remember to remove all personal information before posting.

    Additionally, you mentioned volume licensing, may I know if your computer is running a work or school edition of Windows? If that is the case, many settings will need the tech admin of the organization.

    I'm waiting for your reply.

    0 comments
  2. Q&A Assist
    2026-03-10T21:16:28.91+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Follow these steps to address likely TPM/BitLocker issues that are affecting updates and sign-in:

    1. Check if TPM is locked or in error
      1. Press Start, type tpm.msc, and press Enter.
      2. In TPM Management on Local Computer, check the status:
        • If it shows messages about dictionary attack or TPM is locked/defending against dictionary attacks, the TPM is in lockout.
    2. If TPM is locked with “defending against dictionary attacks” This condition can block BitLocker and related operations.
      1. Open PowerShell as administrator.
      2. Run this script exactly as shown: 
              $Tpm = Get-WmiObject -class Win32_Tpm -namespace "root\CIMv2\Security\MicrosoftTpm"
      $ConfirmationStatus = $Tpm.GetPhysicalPresenceConfirmationStatus(22).ConfirmationStatus
      if($ConfirmationStatus -ne 4) {$Tpm.SetPhysicalPresenceRequest(22)}
      3. Restart the device.
      4. If prompted to clear the TPM, confirm.
      5. Sign back into Windows and test Windows Update again.
      Warning: Clearing/resetting the TPM can cause data loss for anything that depends on TPM-stored keys (for example, BitLocker-protected drives without a backup recovery key). Ensure any important BitLocker recovery keys are backed up before proceeding.
    3. If BitLocker is already in recovery or prompts at boot
      • Enter the 48-digit BitLocker recovery key when prompted so the device can start Windows.
      • If the recovery key is not available in any of the documented locations (Microsoft account, organization/Intune/AD, printout, USB, etc.), the key cannot be retrieved by support and data on the encrypted drive cannot be recovered. In that case, only a reset/reimage of the device is possible, which erases data.
    4. If TPM is version 1.2 and shows hardware errors
      • In tpm.msc, if there is an error like NTE_DEVICE_NOT_READY or the console cannot load for TPM 1.2, this indicates a hardware/firmware issue.
      • If the device firmware allows, switch TPM mode from 1.2 to 2.0 in UEFI/BIOS, then test again.
      • If that is not possible or does not help, check with the device manufacturer for UEFI/BIOS/TPM firmware updates. If still unresolved, motherboard replacement may be required; this will wipe TPM data.
    5. About the 30‑day phone-number change lockout
      • The 30‑day security hold on changing phone number/MFA is separate from TPM/BitLocker. During that period, sign-in and account recovery options are limited until the change completes.
      • While waiting, use any existing sign-in methods that still work (old phone, alternate email, recovery codes). If none work, access to that account may be blocked until the 30‑day period ends.

    If Windows Update issues persist after clearing/unlocking the TPM and successfully booting Windows, focus next on standard Windows Update troubleshooting (not covered in the provided material).

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.