How to access TPM Diagnostics tool to query security data on Windows 11

At the launch of Windows 11, Microsoft announced that the operating system would only support computers with the TPM 2.0 security chip. According to Microsoft, TMP 2.0 is a key component to providing security with Windows Hello and BitLoker. This helps Windows 11 better protect users' identities and data.

In order to help users and administrators easily control the data stored on TPM, Microsoft has added a tool called TPM Diagnostics. This is an additional tool, so to use it, you need to install it first.

To install and use TPM Diagnostics on Windows 11 follow these instructions:

Step 1: Press Windows + I to open Settings then access Apps in the left sidebar

Step 2: Click Optional features

How to access TPM Diagnostics tool to query security data on Windows 11 Picture 1

Step 3: Click View features at Add an optional feature

How to access TPM Diagnostics tool to query security data on Windows 11 Picture 2

Step 4: Enter tpm in the search box then click next to the TPM Diagnostics tool shown below and then click Next > Install to confirm the installation

How to access TPM Diagnostics tool to query security data on Windows 11 Picture 3

Step 5: After waiting for the system to finish installing, you can use TPM Diagnostics through the Windows Terminal (Admin) command window (the new name of Command Prompt)

Step 6: You press Windows + X to open the Power User menu then select Windows Terminal (Admin)

Here you can enter TPM Diagnostics control commands. For example, the TpmDiagnostics.exe GetCapabilities command will list the capabilities and settings of the TPM chip on your machine as shown below:

How to access TPM Diagnostics tool to query security data on Windows 11 Picture 4

In addition to querying stored security keys and other information, you can also use TPM Diagnostics to encrypt/decrypt Base64, Hexadecimal, and Binary files.

With TPM Diagnostics, you can learn a lot of information about Windows 11's basic security mechanisms. However, we recommend that you don't "play around" too much on this TPM Diagnostics tool if you don't know it. clear about it. If misconfigured you may lose the keys necessary for the operations on your machine.

Here is a list of all the commands available in the TPM Diagnostics tool:

Flags: PrintHelp ( /h -h ) PromptOnExit ( -x /x ) UseECC ( -ecc /ecc ) UseAes256 ( -aes256 /aes256 ) QuietPrint ( -q /q ) PrintVerbosely ( -v /v ) Use the 'help' command to get more information about a command. Commands: TPmInfo: GetLockoutInfo IsOwned PlatformType CheckFIPS ReadClock GetDeviceInformation IfxRsaKeygenVulnerability GatherLogs [full directory path] PssPadding IsReadyInformation TPMTask: MaintenanceTaskStatus ShowTaskStatus IsEULAAccepted ProvisionTpm [force clear] [allow PPI prompt] TPmProvisioning: PrepareTPM CanUseLockoutPolicyClear CanClearByPolicy AutoProvisioning: IsAutoProvisioningEnabled EnableAutoProvisioning DisableAutoProvisioning [-o] EK: EkInfo ekchain EkCertStoreRegistry GetEkCertFromWeb [-ecc] [cert file] GetEkCertFromNVR [-ecc] [cert file] GetEkCertFromReg [-ecc] [ output file ] GetEk [-ecc] [key file] CheckEkCertState InstallEkCertFromWeb InstallEkCertFromNVR InstallEkCertThroughCoreProv EKCertificateURL WindowsAIK: InstallWindowsAIK [-skipCert] WinAikPersistedInTpm UninstallWindowsAIKCert GetWindowsAIKCert [cert file] IsWindowsAIKInstalledInNCrypt EnrollWindowsAIKCert GetWindowsAIKPlatformClaim ["fresh"] [output file] OtherKeys: PrintPublicInfo [ srk / aik / ek / handle ] [-asBcryptBlob / -RsaKeyBitsOnly / -RsaSymKeyBitsOnly] [-ecc] TestParms [ SYMCIPHER | RSA ] [ algorithm specific arguments ] EnumerateKeys NVStorage: EnumNVIndexes DefineIndex [index] [size] [attribute flags] UndefineIndex [index] ReadNVIndexPublic [index] WriteNVIndex [index] [data in hex format | -file filename] ReadNVIndex [index] NVSummary NVBootCounter: CheckBootCounter ReadBootCounter [/f] PCRs: PrintPcrs PhysicalPresence: GetPPTransition GetPPVersionInfo GetPPResponse GetPPRequest TPMCommandsAndResponses: CommandCode [hex command code] ResponseCode [hex response code] Tracing: EnableDriverTracing DisableDriverTracing FormatTrace [etl file] [output json file] DRTM: DescribeMle [MLE Binary File] Misc: Help [command name] DecodeBase64File [file to decode from base 64] EncodeToBase64File [file to encode] ReadFileAsHex [file to read] ConvertBinToHex [file to read] [file to write to] ConvertHexToBin [file to read] [file to write to] Hash [hex bytes or raw value to hash] GetCapabilities
5 ★ | 1 Vote

May be interested

  • Action Query in Action 2016Action Query in Action 2016
    action queries are queries that perform actions on data, can add, change or delete records.
  • Create data queries in Access 2016 from simple to complexCreate data queries in Access 2016 from simple to complex
    the query allows to retrieve information from one or more tables based on the search conditions you defined. in this lesson, you will learn how to create queries on a simple table and query on multiple tables in access 2016.
  • Why use Microsoft Power Query for ExcelWhy use Microsoft Power Query for Excel
    if you're looking for a powerful new way to manage data, microsoft excel for windows now has software built in to help you with that, which is microsoft power query. this is a new tool that helps you take control of your spreadsheets more than ever.
  • MS Access 2003 - Lesson 23: Own query designMS Access 2003 - Lesson 23: Own query design
    at this point, you can use the query wizard to create queries. but query wizard only creates a few commonly used queries. if one of those queries doesn't match, you can create your own query.
  • How to Run Diagnostics on MacHow to Run Diagnostics on Mac
    this wikihow teaches you how to run a diagnostics test on a mac computer. all modern mac computers can access the apple diagnostic tool which can be used to diagnose problems with your mac's hardware. this can help pinpoint any issues you...
  • LINQ clears query barriersLINQ clears query barriers
    unified programming solution, which provides the ability to query sql syntax data directly in c # or vb.net, applies to all types of data from objects to relational databases and xml.
  • Covered Query in MongoDBCovered Query in MongoDB
    when all fields in the query are part of the index, mongodb connects query conditions and returns the result by using the same index without looking inside the document. when indexes are present in ram, retrieving data from indexes is faster when compared to retrieving data by scanning all documents.
  • The multiple-choice question set has an answer to Query P1The multiple-choice question set has an answer to Query P1
    in the previous articles, the network administrator sent you read query queries. following the series on this topic, below is the next part of the questionnaire, invite readers to try.
  • The bootcfg query command in WindowsThe bootcfg query command in Windows
    the bootcfg query query and display the entries in the [boot loader] and [operating systems] from boot.ini. the command applies to: windows server (semi-annual channel), windows server 2016, windows server 2012 r2, windows server 2012.
  • MS Access 2010 - Lesson 2: Introduction to objects in AccessMS Access 2010 - Lesson 2: Introduction to objects in Access
    database in access 2010 includes four objects: table, query, form and report. these objects work together to allow you to import, store, analyze and compile your data the way you want.