BitLocker TPM Error: How to Fix “Device Can’t Use TPM”
BitLocker TPM error appears when Windows cannot use a Trusted Platform Module during encryption. If you see the message “This device can’t use a Trusted Platform Module” on Windows 10 or 11, the issue is common and fixable. In this guide, you’ll learn how to fix the BitLocker TPM error and enable BitLocker without TPM safely.
Why the BitLocker TPM Error Appears
By default, BitLocker expects a hardware TPM to protect encryption keys. Therefore, you’ll see this BitLocker TPM error when Windows cannot access a compatible TPM or when the TPM is not ready.
- TPM is disabled in BIOS/UEFI (often after a firmware reset or motherboard changes).
- The system does not have a TPM chip (common on older PCs).
- You’re using a virtual machine without vTPM enabled.
However, BitLocker can still work without TPM by using a startup password or a USB startup key. As a result, you can encrypt the drive once you enable the correct policy.
Fix BitLocker TPM Error: Enable BitLocker Without TPM
Use this safe method to enable BitLocker without TPM on Windows 10/11 (Pro/Enterprise/Education). Then you can protect your data with a startup password or USB key.
- Press Win + R, type
gpedit.msc, and press Enter. - Go to:
Computer Configuration → Administrative Templates → Windows Components → BitLocker Drive Encryption → Operating System Drives - Open Require additional authentication at startup.
- Select Enabled.
- Check:
Allow BitLocker without a compatible TPM (requires a password or startup key on a USB flash drive) - Click Apply → OK.
- Restart your PC. After reboot, enable BitLocker from Control Panel → BitLocker Drive Encryption.
Important: Save your BitLocker recovery key in at least two places. For example, store it in your Microsoft account and also on a USB drive. Otherwise, losing it can permanently lock you out.
Alternative Fix for BitLocker TPM Error: Enable TPM
If your device has TPM but it’s disabled, enable it in BIOS/UEFI. Then BitLocker can use hardware-backed key protection.
- Restart your PC and enter BIOS/UEFI (commonly F2, F10, Del, or Esc).
- Open a menu such as Security or Trusted Computing.
- Enable TPM (it may appear as PTT on Intel or fTPM on AMD).
- Save changes and reboot. After that, try enabling BitLocker again.
Verify the BitLocker TPM Error Fix
First, check TPM status. Press Win + R, type tpm.msc, and review the status message. If it says “TPM is ready for use,” the TPM path is working.
Next, confirm BitLocker status from an elevated Command Prompt:
manage-bde -statusIn addition, if you want the full BitLocker setup flow, use this internal guide:
BitLocker Setup Guide (SupportSolved)
FAQ: BitLocker TPM Error
Can I use BitLocker without TPM?
Yes. You can enable BitLocker without TPM by allowing additional authentication at startup. Then use a startup password or a USB key.
Is it secure to use BitLocker without TPM?
Yes, but security depends on your startup password strength and key handling. Therefore, use a strong password and store the recovery key safely.
Can Windows 11 Home users apply this fix?
Windows Home does not include Group Policy Editor. However, you can apply the same setting via the Registry or upgrade to Pro.
Does BitLocker To Go need TPM?
No. BitLocker To Go encrypts removable drives using a password, so TPM is not required.
Where can I learn more about BitLocker?
Use Microsoft’s official documentation: BitLocker Overview – Microsoft Docs
In short, this BitLocker TPM error is usually caused by a missing, disabled, or unavailable TPM. However, you can still enable BitLocker without TPM and protect sensitive data. Finally, always back up your recovery key before you start encryption, because losing it can cause permanent data loss.
For more Windows security tutorials, visit SupportSolved’s Windows Security Section.
