What is Dell Trusted Platform Module (TPM)?
Dell Trusted Platform Module (abbreviated to TPM) is a chip in most Dell computers for holding software-generated keys required for encryption. Soldered on your computer’s hardware, this module protects sensitive information like encryption keys and passwords. The authentication relies on the hardware, and so is unique to it. This way your data is safe – even if someone removes your drive and makes a run for it. Configuring the Trusted Platform Module might seem hard, but you can tinker with some basic settings by yourself.
The Dell Trusted Platform Module supports safety features such as:
- Hashing – the conversion of a fixed value into another.
- Random number generation – generating a sequence of arbitrary numbers.
- Asymmetric key generation – creating a pair of matched keys, one public and one private.
- Asymmetric encryption/decryption – using one of two created keys to decrypt the other.
Every specific Dell Trusted Platform Module has a distinct identifier embedded in it when manufactured, further cementing the effectiveness of its security. Only the owner may activate and go through with configuring the Dell Trusted Platform Module.
However, not all computers come with the Dell Trusted Platform Module and some countries do not support it due to regulations.
Laptops with Dell TPM
The following computers possess and allow configuring the Dell Trusted Platform Module.
- Every device from the E Series as well as the XT2, XT3, XT2 XFR, Latitude 10, Latitude 13 computers
- OptiPlex – All 60 series devices and further (560, 760, 960)
- Precision WorkStation – All systems from the X500 series and beyond (T3500, T5500, T7500)
- Precision Mobile – All X400 series devices and beyond (M4400, M2400, M6400)
- XPS and Alienware – Ultrabooks and currently shipping models
- Vostro – All X20 series devices and further (1220, 1320, 1520, 1720)
- All Venue devices
Installing the Software and Driver for the Dell TPM
First, check if your PC came with the TPM from the above list, and then you can begin configuring the Dell Trusted Platform Module.
- Turn on your PC, navigate to Start menu > select Run.
- Enter “C:\Dell\TPM\setup.exe” in the bar, and select OK to run the installation wizard for the Dell Trusted Platform Module.
- You can also download a custom image from the Dell website and load it accordingly.
- The wizard prompts you to restart your PC after installing the software – click Yes.
Configuring the Dell Trusted Platform Module Account
Next, you set up the owner account for the Dell Trusted Platform Module using the initialization wizard, which also generates a backup of your TPM data. You can open the wizard from the TPM icon in your notification tray, or make a shortcut in Windows 10.
- To make a shortcut to access this wizard, right-click on your desktop > New > Click on Shortcut.
- In the Create Shortcut window, type “TpmInit” as the location of the item and name it as you desire. Click Finish.
- The shortcut appears on your desktop. Launch it, and follow along.
- The wizard asks you to create a password for making a Basic User Account, which makes an encrypted drive and secures your data. Select the features you want and click Next, until you finish.
Switching on TPM
- Switch on your computer, and when the Dell logo appears press Delete or F2 to launch the BIOS firmware.
- Navigate to Security in the BIOS, and locate the Dell Trusted Platform Module section.
- On the left, you will find the TPM 2.0/1.2 part. Highlight it, and check the box for TPM to turn it on.
- Now you can enable and indulge in further configuring the Dell Trusted Platform Module. After switching on TPM, choose the option “Activate/Enable the TPM”.
- Almost finished – save the changes you just made. You can safely exit BIOS now.
Reset TPM Without Data Loss
If the Dell Trusted Platform Module does not appear in your computer or BIOS, you can easily reset it. Don’t worry – resetting the module does not clear it. When you reset the module, your system tries to find the TPM again and safeguard the data it holds.
To reset the TPM in a laptop, follow these steps:
- Unplug the charger, shut down the computer, and remove all attached USB devices.
- Now, switch on the laptop, and enter BIOS by either pressing F2 or the Delete button.
- Check whether TPM appears in the Security section. If you find it there, that’s all – you don’t need to do anything else.
- If TPM is unavailable shut down the laptop and removes the main battery.
- Keep the charger unplugged as before. Drain the system of static charges, or “flea power”, by pressing the power button for about 60 seconds.
- Insert the battery, plug in the charger, and reboot.
- Shut down the system and remove the power cords from the PC
- As before, continue with draining the flea power. Press down the power knob for about 60 seconds.
- Plug-in the power cords, and turn on the computer.
Encrypting Files with BitLocker and TPM
This useful tool comes bundled with the Professional or Enterprise editions of Windows 10Windows installation. BitLocker provides encryption for entire disks for added safety with the help of TPM. You can use BitLocker without TPM but with the module your encryption security increases.
Simply navigate to This PC on your computer and right-click on the icon of the drive you wish to encrypt. The wizard guides you through the process and generates a key that you need to backup in case you lose access to your drive. BitLocker can either encrypt the whole drive or just the used section. Encryption just the used disk space takes less time.
Flashing the TPM Firmware and Switching the Mode for TPM
Another way for configuring the Dell Trusted Platform Module is to flash it using firmware from the Dell website. Visit your computer’s “Drivers & Downloads” settings to confirm whether your system supports the firmware for changing modes in your system.
Can’t find this setting? Then your system cannot install this feature. If the option appears, make sure to turn on TPM and activate it before flashing the firmware. Ensure the device does not turn off during the process.
Follow these steps to flash the Dell Trusted Platform Module with your selected firmware:
- First, open Windows, and pause any program using TPM. Check the version of the firmware by opening Windows PowerShell from the Start menu, and entering the command “get-tpm”.
- Deactivate Windows Auto Provisioning if necessary, in Windows 8 or 10. Go to Start > PowerShell or Command Prompt, and enter the command “Disable-TpmAutoProvisioning”.
- Restart the system and enter BIOS by pressing F2 or Delete key.
- Go to Security and find the TPM section.
- Select the Clear TPM checkbox and select the “Apply” button.
- Exit BIOS, then launch Windows. Go to the Dell website support page for Drivers and Downloads. Enter your Dell computer model.
- Choose the category for Security, and when the latest firmware update appears in the menu click to download and begin the installation.
- Reboot to continue installing the firmware.
- After the firmware installs, reboot again, and enable Windows Auto Provisioning if you turned it off before. Just go to Start > Powershell and enter the command “Enable-TpmAutoProvisioning” and then press enter.
- Now turn on the BitLocker service again.
You did it!
Note: Does this article provide the info you’re looking for? Is there any information you think of missing or incorrect? You can give your opinion in the comments section below.
If you like this tutorial, share this post and spread the knowledge by clicking on social media options below because “Sharing is caring”