Hi everyone,
A friend of mine getting these fTPM prompts everytime the laptop starts and its a dell inspiron laptop with windows 11. I haven’t used windows in a while and Windows 10 was the last one that I had used. The prompt is this
Press Y to reset fTPM, if you have bitlocker or encryption-enabled system, the system will not boot without a recovery key.
Press N to keep previous fTPM record and continue system boot, fTPM will NOT be enabled with new CPU unless fTPM is reset (reinitialized). You could swap back to the old CPU to recover TPM related keys and data.
From my understanding, Bit locker is not enabled by default in home edition of Windows but I am not sure of Windows 11 and the system boots just fine when selecting “NO”. I saw few posts regarding this issue and I found that disabling fTPM in bios get rid of that popup but if bitlocker is enabled then decryption will fail and system might not boot at all. And resetting fTPM doesn’t sound like a good idea. I can’t get much info about that system right now so did any of you experienced something like this with a laptop and it seems like its affecting laptops with amd CPUs.
Also, is this a Windows specific thing like I remember Linus torvalds said something about disabling fTPM in linux kernel because of performance issues and Windows users had similar issues.
disable the tpm module in bios or reset the tpm keys, either will do.
its caused by installing a fresh bios on an install of windows 10/11, which either invalidates existing keys or gives this warning if tpm was off before the upgrade and is now on.
so yeah the easy solution is just turn it off if using win 10.
reset them if your using 11 and need the module on.
boot into the system and see if bitlocker is being used.
if it is, you will have to roll back to the old bios.
then go to the tpm key in bios and write it down, all 48 digits of the key.
reboot and see if bitlocker still works. (it should)
if it does.
install the new bios again, when asked for new keys .
enter the key from the old bios tmp.
save and reboot…
you should now have access to the bitlocker files.
if they dont use bitlocker then just reset the keys. so when you do use bitlocker your key is valid.
2 Likes
This is the way.
The last bios update to my main pc patched / updated the ftpm on it and had to reset the ftpm keys (under secure boot options) and fixed the issue.
1 Like
Hi, I am also getting this message on every start up. I swapped my CPU today from a RYZEN 5600x to a 5900x. That’s it, nothing else. In addition, my PC will not turn off using the shut down function. It will just automatically turn back on after 3sec or so. I have to hold the power button on my tower to shut it down. Can anyone help suggesting what to do?.. new install of windows 11? Update mobo version?
I have an RTX 3070 GPU, and an Asrock x570 steel legend series mobo running on windows 11.
Thanks
-Matt
Home edition of Windows comes without Bitlocker, but worth doublechecking that it is not on.
When using Bitlocker, do keep a backup of the Bitlocker key, it also normally gets saved into the Microsoft account, but you will need another device to access the backup, in case the original device decides to invalidate the TPM configuration.
Do check your backups upfront, and make sure you can access them with alternative device.
Such invalidation can happen due to things like bios updates or hardware changes. It is normal… If you use Bitlocker, you will not be able to boot just by pressing “No”.