Hi all. It's just occurred to me how little I know about this topic!
I understand that some motherboards have TPM 2.0 modules. I have a 5900X on the X570 platform. I enabled fTPM in the UEFI BIOS prior to installing W11. However, my system is not encrypted. Under system information the reason given for failed automatic encryption is as follows:
Device Encryption Support: "Reasons for failed automatic device encryption: PCR7 binding is not supported, Hardware Security Test Interface failed and the device is not Modern Standby, Un-allowed DMA-capable bus/device(s) detected"
I'm not overly bothered by this as it's not a laptop/mobile device. However, is it desirable to have a home gaming PC encrypted?
What are the implications for hardware changes or BIOS updates on an encrypted W11 system? I understand that a Microsoft account can store an encryption key now. How does this work in practice?
I was hoping for a little discussion to get a better understanding of this topic in general.
Thank you.
NB: Also, if a device was encrypted using the AMD fTPM module on the CPU, and then someone did a CPU upgrade without disabling encryption first - presumably you would be locked out? Or what if the CPU failed?
I understand that some motherboards have TPM 2.0 modules. I have a 5900X on the X570 platform. I enabled fTPM in the UEFI BIOS prior to installing W11. However, my system is not encrypted. Under system information the reason given for failed automatic encryption is as follows:
Device Encryption Support: "Reasons for failed automatic device encryption: PCR7 binding is not supported, Hardware Security Test Interface failed and the device is not Modern Standby, Un-allowed DMA-capable bus/device(s) detected"
I'm not overly bothered by this as it's not a laptop/mobile device. However, is it desirable to have a home gaming PC encrypted?
What are the implications for hardware changes or BIOS updates on an encrypted W11 system? I understand that a Microsoft account can store an encryption key now. How does this work in practice?
I was hoping for a little discussion to get a better understanding of this topic in general.
Thank you.
NB: Also, if a device was encrypted using the AMD fTPM module on the CPU, and then someone did a CPU upgrade without disabling encryption first - presumably you would be locked out? Or what if the CPU failed?
Last edited: