TPM v2 and Bitlocker

TPM is ready for use, with reduced functionality”    -_-

You probably already face the issue with TPM v2, which says “TPM is ready for use, with reduced functionality“.

TPB v2 needs UEFI BIOS. Thus, if you want to start a TPM v2 for bitlocker encryption, you will probably need to reinstall all your system for enabling GPT partitionning. On windows 10, there is a simple solution to avoid reinstalling the OS and will save you a bunch of time.

This is how you can enable your TPM correctly :

On windows 10, there is a useful tool you can use to avoid reinstalling all the system. It’s called MBR2GPT.EXE and is located in C:\Windows\System32\ folder.

Ensure you backed up all your data before doing this! Touching the partition is always at risk, and can end to data loss.

Here is the command you can launch on your system to convert to GPT :

mbr2gpt.exe /convert /allowFullOS

This will convert your MBR disk to GPT while windows 10 is UP.
Then restart using UEFI Secure boot. (Go to BIOS and tell you want to use UEFI secure boot)

You will probably be asked to add a BIOS Password.

 

Here is the result :

On my laptop, TPM has the following information :

PS C:\WINDOWS\system32> get-tpm


TpmPresent : True
TpmReady : True
ManufacturerId : 1229346816
ManufacturerIdTxt : IFX
ManufacturerVersion : 7.62
ManufacturerVersionFull20 : 7.62.12.13824

Now you can activate your bitlocker encryption.

 

Leave a Reply

Your email address will not be published. Required fields are marked *