Anyone have experience using BitLocker with a firmware TPM?


  1. Posts : 4,174
    Windows 11 Pro, 24H2
       #1

    Anyone have experience using BitLocker with a firmware TPM?


    I am in the process of gathering all the parts for a new computer build. This build is going to be based upon an Intel i9-11900K CPU.

    Before anyone jumps on me for my decision to go Intel rather than AMD, I'll simply say that I have some very specific reasons for going that route.

    My understanding is that this CPU includes a firmware TPM. It is also my understanding that some current AMD CPUs also include a firmware TPM.

    Does anyone have any experience in using a firmware TPM? The motherboard that I will be using includes a connector to attach a TPM module, but I'm just wondering if anyone has used a firmware based TPM. Is this something that Windows can currently use? If so, is it completely transparent to the user where operations are identical to having a physical TPM? Any advantage to using a physical TPM over the firmware TPM?
      My Computers


  2. Posts : 26
    Windows 10 Pro
       #2

    Hi, I have run Bitlocker with both options as you'll see from other postings I have made in this forum. I am using AMD but in response to your questions:-

    Is this something that Windows can currently use? Yes.

    If so, is it completely transparent to the user where operations are identical to having a physical TPM? Yes, I found it so.

    Any advantage to using a physical TPM over the firmware TPM?. None that affected myself but I only use my PC's for browsing, email etc. I don't play games.

    I have two desktops that I initially fitted with the TPM. I then converted one to use the Ryzen firmware for a test in another posting. . It was painless. I have since reverted back to the physical TPM---again with little effort. The reason I have gone back to the Physical TPM is to avoid any problems if I ever update the BIOS. I found instances on the web where BIOS levels were reportedly affecting the usage of the firmware TPM. My boards are ASUS X570's and whether BIOS updates would affect me, I don't know, but now it won't since I'm back on the Physical TPM.
      My Computer


  3. Posts : 4,174
    Windows 11 Pro, 24H2
    Thread Starter
       #3

    @RTeeL, thanks so much, that's extremely helpful.

    I just want to add one point here from my latest research.

    I think that I was wrong when I said that the firmware TPM is unique to certain CPUs, or at least it's not a built-in function of the CPU. It looks like the firmware implementation is actually part of the MB firmware (UEFI). Maybe that's why you saw issues when updating the BIOS.

    Thanks again for the info!
      My Computers


  4. Posts : 26
    Windows 10 Pro
       #4

    @hsehestedt Hi, Just to clarify:- Maybe that's why you saw issues when updating the BIOS.

    I personally did not have any issues when updating the BIOS. I'd done a search and came across this guy Craxton having problems that were fixed by a BIOS change. Post #34 in this posting.

    I think you are correct that the firmware is part of the BIOS. I don't normally update the BIOS unless I see something relevant that it is fixing. The last BIOS update I did on these boards was from 1405 to 2802 as there was an improvement for fan control. Anyway I noticed by chance that ASUS released a new one on the 12th.---two days ago. I decided to install that and see what result I got.
    Anyone have experience using BitLocker with a firmware TPM?-bios_3602.png

    So I decrypted my drives, backed them up and cleared out the TPM with a reset. Updated the BIOS and set the TPM to use the firmware as opposed to the discrete one.

    Previously on 2802 I got this result for the firmware TPM:-Anyone have experience using BitLocker with a firmware TPM?-x570p_tpm_mgement.png

    Now with 3602 I get this:-

    Anyone have experience using BitLocker with a firmware TPM?-amd-version.png

    Enabled Bitlocker on all three drives--no problems. ("E" is my backup disk for Macrium images--so is currently locked.)
    Anyone have experience using BitLocker with a firmware TPM?-belarc.png

    Still a mystery to me as to why Max couldn't get his Bitlocker to work, so I hope your new build goes well for you.

    RTL
      My Computer


  5. Posts : 4,174
    Windows 11 Pro, 24H2
    Thread Starter
       #5

    Thanks for the follow-up. I may setup a firmware TPM initially as a test, but as cheap as the TPM modules are I may just get one of those as well.

    Now all I need is for Intel to get those Rocket Lake CPUs released.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:17.
Find Us




Windows 10 Forums