TPM - Security Platform Initialization: what is this?


  1. Posts : 259
    Windows 7 Panasonic CF F9 (used to have CF F8)
       #1

    TPM - Security Platform Initialization: what is this?


    Hi, I recently tried to upgrade some drivers and I have been left with TPM - Infineon in the systems tray that keeps asking me initialize. When I clicked through the wizard it tells me to set up security on a removable USB Stick.

    Forigve me, but can someone explain what this TPM is, and do I need it?

    It seems to be a high tech security device?

    How did I end up with it! This normal? Thanks!
      My Computer


  2. Posts : 525
    windows 7 ultimate 64bit
       #2

    here is a short description of TPM.

    What is trusted platform module? Definition from WhatIs.com - see also: TPM

    if you decide you dont need TPM, you can disable it in the BIOS. otherwise it will nag you every time you restart.
      My Computer


  3. Posts : 259
    Windows 7 Panasonic CF F9 (used to have CF F8)
    Thread Starter
       #3

    right...from my understanding it is basically a security service which can enrcypt your drives.

    Do you guys use it?

    Thanks
      My Computer


  4. Posts : 525
    windows 7 ultimate 64bit
       #4

    i disabled mine.
      My Computer


  5. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #5

    Most of the people here have no need for TPM but for those who do then the capability of preventing unauthorized access to ones computer is a strong plus.

    If you have to travel and your notebook/netbook goes with you and you have company/government classified info on your computer, then you should be using TPM.
      My Computer


  6. Posts : 259
    Windows 7 Panasonic CF F9 (used to have CF F8)
    Thread Starter
       #6

    you think bit locker would do the trick just as well?
      My Computer

  7.    #7

    How to enable full drive encryption on your system


    If you want to encrypt your entire HDD, you'll need windows 7 ultimate or enterprise, a TPM and HDD password are necessary, and windows should be freshly installed without the system reserved partition present, otherwise the encryption process will take a long time and will not be as secure
       Note
    Do not try this unless you have a flash drive to store a backup of the bitlocker key and are already skilled with computers

    enable the Administrator account and sign in to it for the entire process
    Set a password for all active accounts on the computer if you haven't already done so
    Restart your computer and enter bios
    In security settings, set an adminstrator and HDD password first, then restart your system. This is necessary to enable the full drive encryption, or the TPM will sometimes block it due to security concerns. It also has the added benefit of rendering your HDD useless to anyone without the HDD password. It won't work in any other computer without it
    Enter bios again and navigate to TPM management. Enable the TPM and set it as active, then clear the TPM and boot to your operating system
    Open the group policy editor, navigate to computer configuration> administrative templates > system > trusted platform module services
    Enable "ignore the list of local blocked TPM commands" & "ignore the default list of blocked TPM commands"
    Disable "turn on TPM backup to AD DS"
    Then from an elevated command prompt, type TPM.
    Initialize and turn the TPM on
    Restart your computer. Ok any prompt if the TPM gives you one..

    In control panel>system and security you will find the bitlocker drive encryption options. insert a flash drive to use for a backup of the bitlocker key, then turn on bitlocker. It takes about an hour to encrypt a typical HDD on a laptop.
      My Computer


  8. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #8

    lister said:
    you think bit locker would do the trick just as well?
    There are some excellent tutorials here on bitlocker, plus there is always the info you get by using the WIN F1 key combo.

    I installed BitLocker on my netbook to familiarize myself with the capabilities and performance. Performance slowed. I admit that the netbook is underpowered for such operations. The encryption took about an hour and a half for each drive, c: system and d: data.

    The netbook does not have TPM so had to change a couple of registry settings, as documented by Brink in the main BitLocker tutorial.

    I'm now in the process of removing the encryption since I'm not traveling on plane or overseas with such anytime soon. The removal takes just as long as the encryption itself.

    I've never used the following, but many have recommended:
    TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux
      My Computer


  9. Posts : 259
    Windows 7 Panasonic CF F9 (used to have CF F8)
    Thread Starter
       #9

    kword88 said:
    i disabled mine.
    How do you do that? I disabled from the BIOS but it is still in the systems tray annoyingly...

    is there anything setting I might have missed? Thanks!
      My Computer


  10. Posts : 525
    windows 7 ultimate 64bit
       #10

    look in your "startup" folder and delete the shortcut if its there, go to control panel/software&programs and uninstall the TPM software.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:28.
Find Us