Windows 11 Home - TPM Encryption


Bigs

Member
Local time
3:38 AM
Posts
21
OS
Windows 11 Home
First time post here, excuse any lack of Protocols.

I've been running Windows 11 Home edition on a Gigabyte Z390-UD mainboard (3yr old) for well over 6 months with no problems.
My mainboard never had a TPM module, but my Bios settings let me install Win11, and have allowed me to run Secure Boot.
I have just now installed a TPM module "Gigabyte GC-TPM2.0_S 2.0 Trusted Platform Module for Z390".
The plan was so I could finally use Device Encrytion, as well as Secure Boot. (Obviously Home edition does not support Bitlocker)
The issue I now have is I DON'T have the option in Settings for Device Encryption.
After some research, I believe I need to have Modern Standby (S0 Low Power Idle) enabled.
I ran Command Prompt "powercfg /a" and found (see attached file):
Standby (S3), Hibernate, Hybrid Sleep, Fast Startup are available.
Standby (S1), (S2), (S0) not available, saying "The system firmware does not support this standby state".
So my question is: Have I reached the end of my search? Or can I still somehow enable Modern Standby (S0 Low Power Idle) ?
I do have "Networking connectivity in Standby" enabled in my Power Options, but I feel I'm nissing something obvious.

Something I also read:
"When writing this article, the Modern Standby feature is unavailable on some Windows 11 Home PCs. Unfortunately, this results in the Device Encryption option being missing as well, since both the features work synchronously. In essence, a bug in Windows 11 Home PC prevents data from being encrypted when the computer goes in any low power modes"

Any suggestions gratefully accepted, thanks in advance.
 
Windows Build/Version
Version 21H2 (OS Build 22000.613)

Attachments

  • powercfg results.png
    powercfg results.png
    7.2 KB · Views: 11
Last edited:

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
You don't need a TPM module, your motherboard has it built-in (Intel Platform Trust Technology - PTT).
 

My Computers

System One System Two

  • OS
    Windows 11 Workstation
    Computer type
    PC/Desktop
    Manufacturer/Model
    doofenshmirtz evil incorporated
    CPU
    Ryzen 9 5950X
    Motherboard
    Asus ROG Crosshair VIII Formula
    Memory
    Corsair Vengeance RGB PRO Black 64GB (4x16GB) 3600MHz AMD Ryzen Tuned DDR4
    Graphics Card(s)
    ASUS AMD Radeon RX 6900 XT 16GB ROG Strix LC OC
    Sound Card
    Sound BlasterX Katana
    Monitor(s) Displays
    3 x27" Dell U2724D & 1 x 34" Dell U3415W
    Hard Drives
    Samsung 980 Pro 1TB M.2 2280 PCI-e 4.0 x4 NVMe Solid State
    Drive
    PSU
    ASUS ROG THOR 850W 80 Plus Platinum
    Case
    ASUS ROG Strix Helios Midi-Tower ARGB Gaming Case
    Cooling
    ASUS ROG Strix LC Performance RGB AIO CPU Liquid Cooler - 360mm
    Keyboard
    Logi Ergo
    Mouse
    Logitech MX Vertical
    Internet Speed
    900/100 Mbps
    Browser
    Chrome
    Antivirus
    Windows Defender, Malwarebytes Pro
    Other Info
    HP M281 Printer
    Logitech Brio Stream webcam
    Yeti X mic
  • Operating System
    Windows 10
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop
    CPU
    i7
I did check my Gigabyte Z390-UD last year when I tried to install Win11, and it didn't support a TPM chip.
But like you say, it does have the Trust Tech PTT.
Either way, I can't access Device Encryption.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
Have you turned it on in the Bios?
 

My Computers

System One System Two

  • OS
    Windows 11 Workstation
    Computer type
    PC/Desktop
    Manufacturer/Model
    doofenshmirtz evil incorporated
    CPU
    Ryzen 9 5950X
    Motherboard
    Asus ROG Crosshair VIII Formula
    Memory
    Corsair Vengeance RGB PRO Black 64GB (4x16GB) 3600MHz AMD Ryzen Tuned DDR4
    Graphics Card(s)
    ASUS AMD Radeon RX 6900 XT 16GB ROG Strix LC OC
    Sound Card
    Sound BlasterX Katana
    Monitor(s) Displays
    3 x27" Dell U2724D & 1 x 34" Dell U3415W
    Hard Drives
    Samsung 980 Pro 1TB M.2 2280 PCI-e 4.0 x4 NVMe Solid State
    Drive
    PSU
    ASUS ROG THOR 850W 80 Plus Platinum
    Case
    ASUS ROG Strix Helios Midi-Tower ARGB Gaming Case
    Cooling
    ASUS ROG Strix LC Performance RGB AIO CPU Liquid Cooler - 360mm
    Keyboard
    Logi Ergo
    Mouse
    Logitech MX Vertical
    Internet Speed
    900/100 Mbps
    Browser
    Chrome
    Antivirus
    Windows Defender, Malwarebytes Pro
    Other Info
    HP M281 Printer
    Logitech Brio Stream webcam
    Yeti X mic
  • Operating System
    Windows 10
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop
    CPU
    i7
Bios does show the TPM module now I just installed it.
Like I said, I've been running Secure Boot since installing Win11 6 mths ago.
Sys info always said that TPM something or other was active.
I can't find any other settings in Bios that would let me enable it, and I'm pretty sure Bios says it is enabled.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
Would Hybrid Sleep (which is available) be an issue?
Meaning, is it stopping the S0 sleep state?
I did set Sleep to happen after 1 minute, and it didn't. But I can manuall put it in Sleep state. Don't know which state that is, tho. S1, 2, or 3
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
This is also what I get.
I ran the 'System Info' as administrator and under 'Device Encryption Support' is:

"Reasons for failed automatic device encryption: Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected"
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
I have just now installed a TPM module "Gigabyte GC-TPM2.0_S 2.0 Trusted Platform Module for Z390".
Bios does show the TPM module now I just installed it.

I can't find any other settings in Bios that would let me enable it, and I'm pretty sure Bios says it is enabled.

You didn't need to buy a module, and it wasn't needed for Windows 11's TPM requirement. PTT would have worked just fine. That said, since you did install one, then under the "Peripherals" tab in your BIOS make sure "Trust Computing" is enabled. This is what actually enables the module.

Also, since you installed a module, I'm not sure you still need PTT enabled, BUT, if your issue still persists, try enabling it to see if that helps. But first, just enable Trust Computing and see how that goes before enabling PTT.

Hope this helps.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 (Build 22631.4249)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom built
    CPU
    Intel i9-9900K
    Motherboard
    Gigabyte Aorus Z390 Xtreme
    Memory
    32G (4x8) DDR4 Corsair RGB Dominator Platinum (3600Mhz)
    Graphics Card(s)
    Radeon (XFX MERC 310) RX 7900XT
    Sound Card
    Onboard (ESS Sabre HiFi using Realtek drivers)
    Monitor(s) Displays
    27-inch Eizo Color Edge - CG2700X
    Screen Resolution
    3840 x 2160
    Hard Drives
    5 Samsung SSD drives: 2X 970 NVME (512 & 1TB), 3X EVO SATA (2X 2TB, 1X 1TB)
    PSU
    EVGA Super Nova I000 G2 (1000 watt)
    Case
    Cooler Master H500M
    Cooling
    Corsair H115i Elite Capellix XT
    Keyboard
    Logitech Craft
    Mouse
    Logitech MX Master 3
    Internet Speed
    500mb Download. 11mb Upload
    Browser
    Microsoft Edge Chromium
    Antivirus
    Windows Security
    Other Info
    System used for gaming, photography, music, school.
  • Operating System
    Win 11 Pro 23H2 (build 22631.4112)
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo ThinkPad X1 Carbon (Gen 12)
    CPU
    Intel Core Ultra 7 165U vPro® Processor
    Motherboard
    Vendor
    Memory
    32 GB LPDDR5X-6400MHz (Soldered)
    Graphics card(s)
    Intel Graphics
    Sound Card
    Onboard
    Monitor(s) Displays
    14" 2.8K OLED, Anti Reflection, Touch, HDR 500, 400 nits, 120Hz
    Screen Resolution
    2880 x 1800
    Hard Drives
    1 TB SSD M.2 2280 PCIe Gen4 Performance TLC Opal
    PSU
    Vendor
    Case
    Lenovo
    Cooling
    Vapor Chamber Cooling
    Mouse
    Touchpad: Haptic Touchpad
    Keyboard
    Backlit, Black with Fingerprint Reader and WWAN
    Internet Speed
    100MB
    Browser
    Edge Chromium
    Antivirus
    Windows Security
    Other Info
    202. Build Your Own laptop.
    vPro Certified Model: vPro Enterprise
I do have PTT enabled, and everything worked ok as far as it let me Secure Boot.
But I was told I needed the actual TPM module if I wanted to use Device Encryption.
That's now where the issue is, Device Encryption still does NOT show up in Settings.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 (Build 22631.4249)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom built
    CPU
    Intel i9-9900K
    Motherboard
    Gigabyte Aorus Z390 Xtreme
    Memory
    32G (4x8) DDR4 Corsair RGB Dominator Platinum (3600Mhz)
    Graphics Card(s)
    Radeon (XFX MERC 310) RX 7900XT
    Sound Card
    Onboard (ESS Sabre HiFi using Realtek drivers)
    Monitor(s) Displays
    27-inch Eizo Color Edge - CG2700X
    Screen Resolution
    3840 x 2160
    Hard Drives
    5 Samsung SSD drives: 2X 970 NVME (512 & 1TB), 3X EVO SATA (2X 2TB, 1X 1TB)
    PSU
    EVGA Super Nova I000 G2 (1000 watt)
    Case
    Cooler Master H500M
    Cooling
    Corsair H115i Elite Capellix XT
    Keyboard
    Logitech Craft
    Mouse
    Logitech MX Master 3
    Internet Speed
    500mb Download. 11mb Upload
    Browser
    Microsoft Edge Chromium
    Antivirus
    Windows Security
    Other Info
    System used for gaming, photography, music, school.
  • Operating System
    Win 11 Pro 23H2 (build 22631.4112)
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo ThinkPad X1 Carbon (Gen 12)
    CPU
    Intel Core Ultra 7 165U vPro® Processor
    Motherboard
    Vendor
    Memory
    32 GB LPDDR5X-6400MHz (Soldered)
    Graphics card(s)
    Intel Graphics
    Sound Card
    Onboard
    Monitor(s) Displays
    14" 2.8K OLED, Anti Reflection, Touch, HDR 500, 400 nits, 120Hz
    Screen Resolution
    2880 x 1800
    Hard Drives
    1 TB SSD M.2 2280 PCIe Gen4 Performance TLC Opal
    PSU
    Vendor
    Case
    Lenovo
    Cooling
    Vapor Chamber Cooling
    Mouse
    Touchpad: Haptic Touchpad
    Keyboard
    Backlit, Black with Fingerprint Reader and WWAN
    Internet Speed
    100MB
    Browser
    Edge Chromium
    Antivirus
    Windows Security
    Other Info
    202. Build Your Own laptop.
    vPro Certified Model: vPro Enterprise
I do have PTT enabled, and everything worked ok as far as it let me Secure Boot.
But I was told I needed the actual TPM module if I wanted to use Device Encryption.
That's now where the issue is, Device Encryption still does NOT show up in Settings.
Device encrypytion only works if you have a tp, or equivalent, AND Modern Standby.

Look at these tutorials.



As a rule, modern standby is the default state, so I doubt it is there.

Even if pc supports tpm, and modern standby, device encryption still may not work depending on hardware age. 3 years old may still be too old.

If you want encryption, you will either need to upgrade to Pro or use some 3rd party tool.
 

My Computer

System One

  • OS
    Windows 11 Pro + Win11 Canary VM.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Zenbook 14
    CPU
    I9 13th gen i9-13900H 2.60 GHZ
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB soldered
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    laptop OLED screen
    Screen Resolution
    2880x1800 touchscreen
    Hard Drives
    1 TB NVME SSD (only weakness is only one slot)
    PSU
    Internal + 65W thunderbolt USB4 charger
    Case
    Yep, got one
    Cooling
    Stella Artois (UK pint cans - 568 ml) - extra cost.
    Keyboard
    Built in UK keybd
    Mouse
    Bluetooth , wireless dongled, wired
    Internet Speed
    900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
    Browser
    Edge
    Antivirus
    Defender
    Other Info
    TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)

    Macrium Reflect Home V8
    Office 365 Family (6 users each 1TB onedrive space)
    Hyper-V (a vm runs almost as fast as my older laptop)
Well....

Anyway - Turn on device encryption. Note this also requires an Administrator Account - Enable or Disable Built-in Administrator Account in Windows 11 Tutorial

BTW, why the need for Device Encryption?
That's the issue, Device Encryption does NOT show up in settings.
I do use an Admin account.
As far as why turning on encryption, that's another story. Decision was made long ago.
Starting to think that "Device Encryption" isn't showing up because of "Sleep" state issues.
I read this on another Win11 forum post:
"When writing this article, the Modern Standby feature is unavailable on some Windows 11 Home PCs. Unfortunately, this results in the Device Encryption option being missing as well, since both the features work synchronously. In essence, a bug in Windows 11 Home PC prevents data from being encrypted when the computer goes in any low power modes"
I ran the 'System Info' as administrator and under 'Device Encryption Support' got this:
"Reasons for failed automatic device encryption: Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected"
And a "powercfg -a" command prompt shows Standby (S1), (S2), (S0) not available.
Wheras Standby (S3), Hibernate, Hybrid Sleep, Fast Startup are available.
I also rebooted numerous times trying diasabling/enabling "Trusted Computing/Security Device support" (It's been enabled all the time),
and tried disabling/enabling "PTT" (It's been enabled all the time).
They both need to be on for "System Info" to show TPM is active, and to get "Secure Boot".
In a nutshell, Up until now, I've had TPM active and been using Secure Boot.
I installed the TPM module just today so I could use Device Encryption.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
Device encrypytion only works if you have a tp, or equivalent, AND Modern Standby.

Look at these tutorials.



As a rule, modern standby is the default state, so I doubt it is there.

Even if pc supports tpm, and modern standby, device encryption still may not work depending on hardware age. 3 years old may still be too old.

If you want encryption, you will either need to upgrade to Pro or use some 3rd party tool.
And I think what you're saying is the case. My hardware isn't recent enough.
So I wasted $20 on the module, will have to grin and bear it :)
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
And I think what you're saying is the case. My hardware isn't recent enough.
So I wasted $20 on the module, will have to grin and bear it :)
For $20, you could probably have go a cheap Pro licence somewhere online - however beware buying a cheap licence - a lot are scams.
 

My Computer

System One

  • OS
    Windows 11 Pro + Win11 Canary VM.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Zenbook 14
    CPU
    I9 13th gen i9-13900H 2.60 GHZ
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB soldered
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    laptop OLED screen
    Screen Resolution
    2880x1800 touchscreen
    Hard Drives
    1 TB NVME SSD (only weakness is only one slot)
    PSU
    Internal + 65W thunderbolt USB4 charger
    Case
    Yep, got one
    Cooling
    Stella Artois (UK pint cans - 568 ml) - extra cost.
    Keyboard
    Built in UK keybd
    Mouse
    Bluetooth , wireless dongled, wired
    Internet Speed
    900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
    Browser
    Edge
    Antivirus
    Defender
    Other Info
    TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)

    Macrium Reflect Home V8
    Office 365 Family (6 users each 1TB onedrive space)
    Hyper-V (a vm runs almost as fast as my older laptop)
The only place I've seen modern standby is on laptops, I have read the Microsoft documentation that states it is available on Desktops, but I've not seen one yet.
 

My Computers

System One System Two

  • OS
    Windows 11 Workstation
    Computer type
    PC/Desktop
    Manufacturer/Model
    doofenshmirtz evil incorporated
    CPU
    Ryzen 9 5950X
    Motherboard
    Asus ROG Crosshair VIII Formula
    Memory
    Corsair Vengeance RGB PRO Black 64GB (4x16GB) 3600MHz AMD Ryzen Tuned DDR4
    Graphics Card(s)
    ASUS AMD Radeon RX 6900 XT 16GB ROG Strix LC OC
    Sound Card
    Sound BlasterX Katana
    Monitor(s) Displays
    3 x27" Dell U2724D & 1 x 34" Dell U3415W
    Hard Drives
    Samsung 980 Pro 1TB M.2 2280 PCI-e 4.0 x4 NVMe Solid State
    Drive
    PSU
    ASUS ROG THOR 850W 80 Plus Platinum
    Case
    ASUS ROG Strix Helios Midi-Tower ARGB Gaming Case
    Cooling
    ASUS ROG Strix LC Performance RGB AIO CPU Liquid Cooler - 360mm
    Keyboard
    Logi Ergo
    Mouse
    Logitech MX Vertical
    Internet Speed
    900/100 Mbps
    Browser
    Chrome
    Antivirus
    Windows Defender, Malwarebytes Pro
    Other Info
    HP M281 Printer
    Logitech Brio Stream webcam
    Yeti X mic
  • Operating System
    Windows 10
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop
    CPU
    i7
I've just bought an ASUS laptop, installed Win11 Home, and enabled Device Encryption. Works just like I'm trying to get ther PC to do.
So looks like it's not possible, then.

Thanks again for all the input from everyone.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i5 p400F
    Motherboard
    Gigabyte Z390-UD rev.1
    Memory
    Kingston HyperX Fury 16GB (2x8) DDR4-2400
    Graphics Card(s)
    NVidia GeForce GTX 1050 Ti (4GB)
    Sound Card
    Onboard
    Monitor(s) Displays
    27" Samsung
    Screen Resolution
    1920 x 1080
    Hard Drives
    Samsun SSD 970 EVO 500GB
    PSU
    450W Corsair
    Case
    Coolermaster Masterbox MB530P
    Cooling
    Fans x 6
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    25mbps
    Browser
    Edge, Opera
    Antivirus
    Windows Defender, Malwarebytes (free)
Hi there
for messing around with the TPM install the TPM diagnostics tool from the "Add optional features" and then some of the commands might help.

Skjámynd 2022-04-27 082347.png


I haven't a clue about most of this (if any at all) but there are far better brains out there with knowlege of windows etc than mine.

If on a VM and using an emulated TPM this utility still recognizes it.

I'm still not convinced especially on a home laptop why I would even think about wanting to encrypt the OS -- the more complex you make things the more likely they are to go wrong and even more harder to fix - and coming from an experienced engineer (like me !!!!) who has worked on a whole range of different projects I've found that to be the case every time.

Any system whether mechanical (hardware) or software or a combination unfailingly will have those properties.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7
Here is my article that shows how to use bitlocker on Win10/11 Home despite the lack of "modern standby" or whatever MS thinks is needed:
My laptop has modern standby and TPM 2.0.

Well, I tested this on W10 Home and the article must be out of date, or in error.

I started in modern standby and I tried device encryption, and it would not let me until I signed in with MS account (as I expected). I ran device encryption fine, then turned it off fine.

I turned off modern standby, rebooted, checked I was in S3 state, and no sign of device encryption in settings. I then ran "manage-bde -on c: -used", and it immediately replied I could not run device encryption on my device.

I then turned on modern standby, rebooted, checked I was in S0 state, and device encryption was now available. I then ran "manage-bde -on c: -used", and it started encrypyting.

I repeated whole exercise just to be sure.

So, my tests validate you need to be in modern standby mode to run device encryption.

I re-read article, and it claims it used Windows 10 Home in Hyper-V, and I tried it - no difference.

I note the article was for a much older version of Windows 10.
 
Last edited:

My Computer

System One

  • OS
    Windows 11 Pro + Win11 Canary VM.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Zenbook 14
    CPU
    I9 13th gen i9-13900H 2.60 GHZ
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB soldered
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    laptop OLED screen
    Screen Resolution
    2880x1800 touchscreen
    Hard Drives
    1 TB NVME SSD (only weakness is only one slot)
    PSU
    Internal + 65W thunderbolt USB4 charger
    Case
    Yep, got one
    Cooling
    Stella Artois (UK pint cans - 568 ml) - extra cost.
    Keyboard
    Built in UK keybd
    Mouse
    Bluetooth , wireless dongled, wired
    Internet Speed
    900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
    Browser
    Edge
    Antivirus
    Defender
    Other Info
    TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)

    Macrium Reflect Home V8
    Office 365 Family (6 users each 1TB onedrive space)
    Hyper-V (a vm runs almost as fast as my older laptop)
The procedure in the article was not correctly used. The article tells you to boot to the recovery environment. Follow it, it works on all versions, builds and editions of windows 10 and 11.
 

My Computer

System One

  • OS
    Win11

Latest Support Threads

Back
Top Bottom