Home » Computer Guides » PC Security Guides » How To Enable BitLocker Without A TPM.

How To Enable BitLocker Without A TPM.

You can enable BitLocker without a TPM (Trusted Platform Module) by making a simple change within the Group Policy Editor.

By default, BitLocker will store its unlock key within the TPM, but not all machines will have one. Or maybe it just isn’t enabled. This is especially true for earlier Windows 10 computers. Windows 11 computers should be unaffected because the OS actually requires a working TPM.

Starting BitLocker.

After clicking the option to turn BitLocker on you receive this error message.

“This device cannot use a Trusted Platform Module. Your administrator must set the “Allow BitLocker without a compatible TPM” option in the “Require additional authentication at start-up” policy for OS volumes”.

Click the Cancel button.

BitLocker cannot start because there isn't a TPM.

How To Enable BitLocker Without A TPM.

Although the error message is a bit cryptic, it is telling you what you need to do in order to enable BitLocker to run without a TPM. Here’s what you to do in plain language.

Open the Run command by pressing the Windows key and the letter R on your keyboard.

In the box, type gpedit.msc and click the OK button.

Run dialogue box. Gpedit.msc has been entered.

Group Policy Editor.

When the Group Policy Editor opens, expand the folder tree to

Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives

Operating system drives folder highlighted in the Group Policy Editor.

Double left click on “Require additional authentication at startup”.

Require Additional Authentication At Startup option is marked in Group Policy Editor for Windows 11.

On the “Require additional authentication at startup”, select Enabled and then select “Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive”.

Click Apply and then click OK.

Close the Group Policy Editor and return to the BitLocker screen.

Allow BitLocker without TPM.

Click the “Turn BitLocker on” option and you’ll see that the encryption setup process will begin.

Read the At Home Computer guide to using BitLocker here How To Use Microsoft BitLocker.

BitLocker without a TPM.


To get BitLocker working when your computer doesn’t have a TPM (or at least doesn’t have it enabled) is a little bit more complicated than it really should be, especially for home computer users.

Whilst the Pro versions of Windows are primarily aimed at business users, many of us buy it specifically to get these extra features. At the end of the day, the data on our home computers is just as important as that on our work machines.

Scroll to Top