Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11How to access TPM Diagnostics tool to query security data on Windows 11
At the launch of Windows 11, Microsoft announced that the operating system would only support computers with the TPM 2.0 security chip. According to Microsoft, TMP 2.0 is a key component to providing security with Windows Hello and BitLoker. This helps Windows 11 better protect users' identities and data.
In order to help users and administrators easily control the data stored on TPM, Microsoft has added a tool called TPM Diagnostics. This is an additional tool, so to use it, you need to install it first.
To install and use TPM Diagnostics on Windows 11 follow these instructions:
Step 1: Press Windows + I to open Settings then access Apps in the left sidebar
Step 2: Click Optional features
How to access TPM Diagnostics tool to query security data on Windows 11 Picture 1
Step 3: Click View features at Add an optional feature
How to access TPM Diagnostics tool to query security data on Windows 11 Picture 2
Step 4: Enter tpm in the search box then click next to the TPM Diagnostics tool shown below and then click Next > Install to confirm the installation
How to access TPM Diagnostics tool to query security data on Windows 11 Picture 3
Step 5: After waiting for the system to finish installing, you can use TPM Diagnostics through the Windows Terminal (Admin) command window (the new name of Command Prompt)
Step 6: You press Windows + X to open the Power User menu then select Windows Terminal (Admin)
Here you can enter TPM Diagnostics control commands. For example, the TpmDiagnostics.exe GetCapabilities command will list the capabilities and settings of the TPM chip on your machine as shown below:
How to access TPM Diagnostics tool to query security data on Windows 11 Picture 4
In addition to querying stored security keys and other information, you can also use TPM Diagnostics to encrypt/decrypt Base64, Hexadecimal, and Binary files.
With TPM Diagnostics, you can learn a lot of information about Windows 11's basic security mechanisms. However, we recommend that you don't "play around" too much on this TPM Diagnostics tool if you don't know it. clear about it. If misconfigured you may lose the keys necessary for the operations on your machine.
Here is a list of all the commands available in the TPM Diagnostics tool:
Flags: PrintHelp ( /h -h ) PromptOnExit ( -x /x ) UseECC ( -ecc /ecc ) UseAes256 ( -aes256 /aes256 ) QuietPrint ( -q /q ) PrintVerbosely ( -v /v ) Use the 'help' command to get more information about a command. Commands: TPmInfo: GetLockoutInfo IsOwned PlatformType CheckFIPS ReadClock GetDeviceInformation IfxRsaKeygenVulnerability GatherLogs [full directory path] PssPadding IsReadyInformation TPMTask: MaintenanceTaskStatus ShowTaskStatus IsEULAAccepted ProvisionTpm [force clear] [allow PPI prompt] TPmProvisioning: PrepareTPM CanUseLockoutPolicyClear CanClearByPolicy AutoProvisioning: IsAutoProvisioningEnabled EnableAutoProvisioning DisableAutoProvisioning [-o] EK: EkInfo ekchain EkCertStoreRegistry GetEkCertFromWeb [-ecc] [cert file] GetEkCertFromNVR [-ecc] [cert file] GetEkCertFromReg [-ecc] [ output file ] GetEk [-ecc] [key file] CheckEkCertState InstallEkCertFromWeb InstallEkCertFromNVR InstallEkCertThroughCoreProv EKCertificateURL WindowsAIK: InstallWindowsAIK [-skipCert] WinAikPersistedInTpm UninstallWindowsAIKCert GetWindowsAIKCert [cert file] IsWindowsAIKInstalledInNCrypt EnrollWindowsAIKCert GetWindowsAIKPlatformClaim ["fresh"] [output file] OtherKeys: PrintPublicInfo [ srk / aik / ek / handle ] [-asBcryptBlob / -RsaKeyBitsOnly / -RsaSymKeyBitsOnly] [-ecc] TestParms [ SYMCIPHER | RSA ] [ algorithm specific arguments ] EnumerateKeys NVStorage: EnumNVIndexes DefineIndex [index] [size] [attribute flags] UndefineIndex [index] ReadNVIndexPublic [index] WriteNVIndex [index] [data in hex format | -file filename] ReadNVIndex [index] NVSummary NVBootCounter: CheckBootCounter ReadBootCounter [/f] PCRs: PrintPcrs PhysicalPresence: GetPPTransition GetPPVersionInfo GetPPResponse GetPPRequest TPMCommandsAndResponses: CommandCode [hex command code] ResponseCode [hex response code] Tracing: EnableDriverTracing DisableDriverTracing FormatTrace [etl file] [output json file] DRTM: DescribeMle [MLE Binary File] Misc: Help [command name] DecodeBase64File [file to decode from base 64] EncodeToBase64File [file to encode] ReadFileAsHex [file to read] ConvertBinToHex [file to read] [file to write to] ConvertHexToBin [file to read] [file to write to] Hash [hex bytes or raw value to hash] GetCapabilities
Samuel DanielYou should read it
- How to use Apple Diagnostics to troubleshoot Macs
- How to use Indexer Diagnostics in Windows 10
- How to read the results of the Memory Diagnostics Tool in Event Viewer on Windows 10
- How to determine if computer memory has a problem?
- How to Run Diagnostics on Mac
- Use EtreCheck to scan, check for errors on your Mac
- How to fix errors in Microsoft Word 2007
- Effective network diagnostics with Windows Network Diagnostic
- How to disable Automatic Maintenance on Windows 10
- Fix applications in Microsoft Office 2007
- How to Boot a Mac from Firewire
- These free utilities check and diagnose hard drive health
Maybe you are interested
Windows 11
List of MSI motherboards that support TPM 2.0- Microsoft rolls out super-light Windows 11 but it's not for everyone
- 5 ways to fix Touchpad/Trackpad not working after updating to Windows 11
- How to enable TPM 2.0 to fix 'This PC Can't Run Windows 11' error
- Microsoft is developing a feature to make the new PC setup process easier
- How to resize the Taskbar on Windows 11
List of MSI motherboards that support TPM 2.0
Microsoft rolls out super-light Windows 11 but it's not for everyone
5 ways to fix Touchpad/Trackpad not working after updating to Windows 11
How to enable TPM 2.0 to fix 'This PC Can't Run Windows 11' error
Microsoft is developing a feature to make the new PC setup process easier
How to resize the Taskbar on Windows 11