You might have read that Microsoft’s upcoming Windows 11 requires a Trusted Platform Module (TPM). More recent AMD CPUs support Firmware TPM (fTPM) which implements TPM in software on the CPU instead of requiring a dedicated (discrete) chip. This is how I enabled fTPM.

Enabling fTPM

This post is for modern AMD Ryzen systems using an ASRock B550M Steel Legend motherboard. Other motherboard vendors will likely have vastly different menus to navigate.

On my system, fTPM is disabled by default.To enable:

  • Boot to BIOS by mashing the del key during POST,
  • Head over to Advanced > CPU Configuration,
  • Enable AMD fTPM switch by setting it to AMD CPU fTPM.

At this point, if you try to boot to Windows, you might, like me, get a hung PC. Ouch! Luckily, this Tom’s Hardware article linked to a Microsoft “TPM recommendations” document that states:

TPM 2.0 is not supported in Legacy and CSM Modes of the BIOS... The Legacy and Compatibility Support Module (CSM) options must be disabled.

Ah! So... while still in BIOS:

  • Head over to *Boot > CSM (Compatibility Support Module),
  • Disable CSM,
  • Exit, saving changes.

Be aware that all installed OS’es must use UEFI! No dual booting to an older OS.

If all goes well, you can now successfully boot to Windows.


Disclaimer: I can’t confirm that fTPM is sufficient for Windows 11 though.

Head over to Windows Security > Device Security. If you see “Standard hardware security not supported” then Windows does not recognize fTPM:

Windows 10 Hardware Security Not Supported

But, if there is a page with Security processor details that looks something like this, then fTPM is recognized:

Windows 10 fTPM Security Processor Details