What is TPM 2.0? What does TPM do?
A Trusted Platform Module is a microchip typically built into a computer to provide hardware-based security. It can be added later by diligent users who want to stick the chip in the motherboard. Not all motherboards offer a TPM connector, so you need to research your model first.
What does TPM do?
Some, but not all, of the data you transmit during the day is sent unencrypted, in plain text. TPM chips use a combination of software and hardware to protect any important passwords or encryption keys when they are sent in this unencrypted form.
If the TPM chip finds that the integrity of the system has been compromised by a virus or malware, it can start in isolation mode to help troubleshoot. Some Google Chromebooks include a TPM, and during boot the chip scans the BIOS (the motherboard firmware that initiates the boot process) for unauthorized changes.
The TPM chip also provides secure storage of encryption keys, certificates, and passwords used to log into online services, which is a more secure method than storing them inside software. on the hard drive.
TPM chips in networked set top boxes enable digital rights management, so media companies can distribute content without worrying about it being stolen.
Who is TPM for?
Although initially targeted at businesses or large companies that want data security, TPM chips are now becoming a requirement for all laptops and desktops to keep them all secure. user.
How do you use TPM?
If you buy a PC with a TPM chip, you can enable its encryption to protect data by accessing the BIOS. IT departments typically manage TPM chips in enterprise devices.
Major laptop manufacturers - including Dell, HP and Lenovo - often include software applications that will help users access TPM features.
What can you do with TPM?
The most basic use for TPM is to set a login password for the system. The chip automatically protects that data, instead of keeping it stored on the hard drive. If a system has a TPM chip, its users can create and manage cryptographic keys used to lock the system or specific files.
Many people use TPM to enable Windows' BitLocker Drive encryption utility. When you boot a system with TPM and BitLocker, the chip runs a series of conditional tests to see if it's safe to boot. If TPM finds that the hard drive has been moved to another location, possibly stolen, it locks the system.
Laptops with built-in fingerprint readers often keep recorded fingerprints in the TPM, as the security of the TPM makes it a trusted storage location. The chip also enables smart card readers, which some companies require for user authentication and login.
Trusted Platform Module 2.0
Note: As of July 28, 2016, all new device models, series, or series (or if you are updating the hardware configuration of an existing model, series, or series with an update large, such as CPU, graphics card) must implement and enable TPM 2.0 by default. The TPM 2.0 activation requirement applies only to the manufacture of new devices.
Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functionality. The TPM chip is a secure cryptographic processor that helps you perform actions such as generating, storing, and restricting the use of cryptographic keys. Many TPMs also include physical security mechanisms to prevent malware from tampering with the TPM's security functions.
Traditionally, TPMs were discrete chips soldered to a computer's motherboard. Such an implementation allows you as an original equipment manufacturer (OEM) to evaluate and certify the TPM separately from the rest of your system. Some newer TPM implementations integrate TPM functionality into the same chipset as other platform components while still providing the same logical separation as discrete TPM chips.
TPMs are passive: they receive commands and return responses. To realize the full benefits of TPM, you must carefully integrate the system hardware and firmware with the TPM to send commands and react to its responses. TPM provides security and privacy benefits to system hardware, platform owners, and users.
Starting with Windows 10, the operating system automatically initializes and takes ownership of the TPM. That means IT professionals don't need to configure or monitor systems anymore.
You should read it
- Turn off these annoying features immediately on iOS 10
- You will hardly resist these 7 cool features of Mac
- Some useful tips and tricks on iOS 10 - iPhone devices (Part 1)
- Hidden features on iOS 9 are less known
- The latest features of GNOME 40
- The 15 most useful features will appear on iPhone and iPad this fall
- 7 Windows 11 features that should be used more often
- Windows 10 Redstone 4: New features and changes are waiting for you?
- 15 interesting features to use in Microsoft 365
- 10 most interesting features in Windows 7 for IT professionals
- Make the most of the power of Microsoft Word with these 10 hidden features
- How to enable or disable Windows features on Windows 10
Maybe you are interested
How to Use Rufus to Bypass TPM and Secure Boot Requirements in Windows 11
Microsoft: TPM 2.0 in Windows 11 is mandatory and 'non-negotiable'
4 ways to remove TPM on Windows 11
How to access TPM Diagnostics tool to query security data on Windows 11
List of MSI motherboards that support TPM 2.0
How to enable TPM 2.0 to fix 'This PC Can't Run Windows 11' error