Privacy and Security Enable or Disable Clear TPM button in Windows Security in Windows 11


  • Staff
TPM_banner2.png

This tutorial will show you how to enable or disable the Clear TPM button in the Windows Security app for all users in Windows 10 and Windows 11.

Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM.

You can clear the TPM as a troubleshooting step, or as a final preparation before a clean installation of a new operating system. Preparing for a clean installation in this way helps ensure that the new operating system can fully deploy any TPM-based functionality that it includes, such as attestation. However, even if the TPM isn't cleared before a new operating system is installed, most TPM functionality will probably work correctly.

Clearing the TPM resets it to an unowned state. After you clear the TPM, the Windows operating system will automatically reinitialize it and take ownership again.

If you don't want users to be able to click the Clear TPM button in the Windows Security app, you can disable it with the Disable the Clear TPM button Group Policy setting.

Reference:
learn.microsoft.com

TPM Group Policy settings - Windows Security

This topic describes the Trusted Platform Module (TPM) Services that can be controlled centrally by using Group Policy settings.
learn.microsoft.com


You must be signed in as an administrator to enable or disable the Clear TPM button in Windows Security.



Contents

  • Option One: Enable or Disable Clear TPM button in Windows Security in Local Group Policy Editor
  • Option Two: Enable or Disable Clear TPM button in Windows Security using REG file


EXAMPLE: Clear TPM button disabled in Windows Security app

Clear-TPM_button_disabled_in_Windows_Security.png





Option One

Enable or Disable Clear TPM button in Windows Security in Local Group Policy Editor


The Local Group Policy Editor is only available in the Windows 10/11 Pro, Enterprise, and Education editions.

All editions can use Option Two to configure the same policy.


1 Open the Local Group Policy Editor (gpedit.msc).

2 Navigate to the policy location below in the left pane of the Local Group Policy Editor. (see screenshot below)

Computer Configuration > Administrative Templates > Windows Components > Windows Security > Device security

Clear-TPM_button_gpedit-1.png

3 In the right pane of Device security in the Local Group Policy Editor, double click/tap on the Disable the Clear TPM button policy to edit it. (see screenshot above)

4 Do step 5 (enable) or step 6 (disable) below for what you want.

5 Enable Clear TPM button in Windows Security

This is the default setting.


A) Select (dot) Not Configured. (see screenshot below)​

B) Click/tap on OK, and go to step 7.​

Clear-TPM_button_gpedit-2.png

6 Disable Clear TPM button in Windows Security

A) Select (dot) Enabled. (see screenshot below)​

B) Click/tap on OK, and go to step 7.​

Clear-TPM_button_gpedit-3.png

7 You can now close the Local Group Policy Editor if you like.




Option Two

Enable or Disable Clear TPM button in Windows Security using REG file


1 Do step 2 (enable) or step 3 (disable) below for what you want.

2 Enable Clear TPM button in Windows Security

This is the default setting


A) Click/tap on the Download button below to download the file below, and go to step 4 below.​

Enable_Clear-TPM_button_in_Windows_Security.reg


(Contents of REG file for reference)
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Device security]
"DisableClearTpmButton"=-

3 Disable Clear TPM button in Windows Security

A) Click/tap on the Download button below to download the file below, and go to step 4 below.​

Disable_Clear-TPM_button_in_Windows_Security.reg


(Contents of REG file for reference)
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Device security]
"DisableClearTpmButton"=dword:00000001

4 Save the REG file to your desktop.

5 Double click/tap on the downloaded REG file to merge it.

6 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

7 Either restart explorer process, sign out and sign in, or restart the computer to apply.

8 You can now delete the downloaded REG file if you like.


That's it,
Shawn Brink


Related Tutorials

 

Attachments

  • TPM.png
    TPM.png
    4.4 KB · Views: 56
  • Disable_Clear-TPM_button_in_Windows_Security.reg
    714 bytes · Views: 103
  • Enable_Clear-TPM_button_in_Windows_Security.reg
    688 bytes · Views: 121
Last edited:
Click to expand...
You must log in or register to reply here.

Similar Windows 11 Tutorials

  • Article
Accounts Enable or Disable Microsoft Accounts in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article
Apps Enable or Disable "Pin to taskbar" for Microsoft Store app in Windows 11
Replies
0
Views
1K
Brink
Brink
  • Article
System Enable or Disable Create Dev Drive in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article
Browsers and Mail Enable or Disable Bypass Enhanced Security Mode in Microsoft Edge
Replies
0
Views
3K
Brink
Brink
  • Article
Browsers and Mail Enable or Disable Designer Image Editor in Microsoft Edge
Replies
1
Views
1K
cute two
C
  • Article
Browsers and Mail Enable or Disable Open Site or App to Sidebar in Microsoft Edge
Replies
0
Views
2K
Brink
Brink
  • Article
Browsers and Mail Enable or Disable Additional Search Box in Microsoft Edge
Replies
2
Views
2K
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom