When Windows 10 came out, the minimum requirement to install the OS was basically the Memory, CPU, storage, etc. However, that was not the case when Windows 11 launched. You need to meet the minimum hardware requirement, and TPM and secure-boot must be supported too on the machine to install the operating system.
Can Windows 11 be installed without TPM and secure-boot?
Though TPM and secure-boot are the minimum requirements to install the Windows 11 operating system, you can still bypass those checks to proceed with the Windows 11 installation. One of the main reasons many users wanted to bypass the TPM and secure-boot is that the motherboards released a few years back didn’t support the TPM functionality.
And when it comes to virtualization, if you would like to install windows 11 on VirtualBox, you will be required to bypass the TPM and secure the boot. Even though your machine is TPM compatible, by default, VirtualBox doesn’t officially support the TPM feature at the time of this writing.
If you would still like to proceed with the windows 11 installation on VirtualBox without TPM and Secure boot, you may follow the article here.
In this blog, we will check the TPM status on the windows 10 machine and how you can disable the TPM and secure-boot when installing the windows 11 operating system on any device or even on hypervisors.
Note: It is assumed that you already met the hardware requirements to install Windows 11, and wanted to bypass the TPM and secure boot.
Read also,
Windows 11 on KVM – How to Install Step by Step?
How to Install Windows 11 on VMware Workstation? | with TPM and SecureBoot.
What will happen if you bypass TPM on windows 11?
The reason why we require TPM is to secure the operating system. On windows 7 and windows 10 the TPM was the recommended option. Still, it was not mandatory. However, the arrival of windows 11 Microsoft made it mandatory to have TPM enabled while installing the operating system. Though you can still install windows 11 by bypassing TPM and secure boot. And it will work fine for the most part. However, you no longer get the security updates from Microsoft because you don’t meet the system requirement, putting the operating system at a security risk in the end. So as for testing, this option is great, but it is recommended to use a machine with a TPM chip for regular usage. And if you are talking about virtualization, except VirtualBox, you can install windows 11 with TPM on other hypervisors. Such as KVM, ESXi, VMware workstation.
How to check TPM in Windows 10?
If you are running a windows 10 operating system on your machine and planning to upgrade to windows11, and worried about whether your device supports TPM or not, then don’t worry, let’s look at how you can find whether your machine supports TPM or not.
There are two ways you can check the TPM on your machine.
1. From the Device Manager.
Goto Start-> Run or win key + R.
In the prompt, type compmgmt.msc and hit enter.
Click on Device manager under computer Management.
Expand security Devices, and you should see the Trusted Platform Module.
2. Using Microsoft Management console.
The second method is the easiest.
Goto Start-> Run or win key + Run.
Enter tpm.msc and hit enter.
You should see TPM Management on Local Computer, where you can see the Status as the TPM is ready for use.
If you have TPM chip on your motherboard, you can head over to windows update and proceed with the windows 11 upgrade and you will be able to install the windows 11 successfully without any errors.
Steps to bypass TPM and secure boot when installing windows 11.
When you try to install Windows 11 operating system on any machine or even on hypervisors, you will get the below screen that says This PC Cant run windows 11, if you don’t meet the system requirement, especially TPM and secure boot.
However, you can bypass the TPM and secure boot during the windows 11 installation. It can be performed with the GUI or with the CLI. Let’s take a look at both options.
Bypass TPM and secure boot in windows 11 using GUI.
Initiate the windows 11 installation, and continue till you select the operating system you want to install. If you don’t have TPM and secure boot enabled, and when you choose the windows 11 editions and click on Next, you will get the below error message ‘This PC can’t run windows11.’
You may click on the back button here.
You will be taken back to choose the windows 11 editions again, while on the select operating system you want to install screen, you may press shift+f10 (you might need to press the function key )
A command prompt window will appear. We can bypass the TPM and secure boot check by tweaking the registry settings; hence you may type regedit and hit enter.
- The Registry editor window will appear. In the Registry Editor, goto HKEY_LOCAL_MACHINE->SYSTEM->Setup
- Right-click on Setup and click on New->Key.
- In the New Key field, type Labconfig.
- Select Labconfig, right-click on the registry Value field->New->DWORD (32-bit) Value.
- Add below values.
BypassTPMCheck
BypassSecureBootCheckAs you can see, two values are added.
- Right-click on each value and click on Modify.
- Change the Value from 0 to 1.
Once both the values changed to 1, you may close the registry window and the command prompt.
That’s it, we have informed window 11 to bypass the TPM and the secure boot.
If you want to perform the above steps bit faster, then CLI is the right option for it. Let’s take a look at that as well.
Disable TPM using the CLI.
On the Select the operating system you want to install screen;
- Press shift + (function) F10
- In the command prompt, type the below command as it is. we are basically updating the registry value within the command prompt.
REG ADD HKLM\SYSTEM\Setup\Labconfig /v BypassTPMCheck /t REG_DWORD /d 1
REG ADD HKLM\SYSTEM\Setup\Labconfig /v BypassSecureBootCheck /t REG_DWORD /d 1For both the commands, you should get a message ‘The operation completed successfully’. You may close the command prompt and proceed with the windows 11 installation. You should see that the installation proceeds without any issues.
Conclusion.
You can proceed with the installation of Windows 11 without TPM and secure boot, but you need to keep in mind that you no longer get an update from Microsoft, so you need to make a decision based on your requirement. If you plan to move a system from windows 10 to windows 11 in a production machine, that would be a big no.