Like a coin, TPM has two sides: the bad and the good. You may have come across TPM 2.0 errors that put your system at risk. Because of this, it’s important to back up TPM keys so you can restore them in case your computer is damaged or lost.

Why should I back up my TPM keys?

If you’re wondering why a backup of your TPM keys is important, below are some convincing reasons:

Safeguard your system against malware – Malware can use the TPM to access personal information and change settings without your knowledge. This could lead to identity theft or financial fraud in the future.

Decryption – If you lose your computer, you’ll need access to those encryption keys so you can decrypt anything on it.

Lost password – In case you lose your password, you will need to reset the TPM key to take control of your system again. The backup will help you not lose any data.

Detect unauthorized access – If you are worried that someone might get into your computer and tamper with it, you will want to make sure that the TPM (Trusted Platform Module) is working correctly.

Protect your data – Backup TPM keys are used to protect the integrity of your data. If you lose access to the backup TPM key, then your operating system will no longer trust your TPM chip. This could lead to problems if you try to boot from that drive again.

Recover data – If the system fails and you need to recover the data, you can use the TPM key to recover the encryption key and access your data.

Reset your PC – In case you make hardware changes to your PC or want to repurpose it, you will need the TPM key, hence the need to back it up.

What do I need to back up the TPM keys?

The first step is to make sure you have an Active Directory domain service that can be remotely managed. If you don’t have one, you can create one.

With an Active Directory Domain Services (AD DS) server, you’ll be able to ensure that only authorized users can access this key information through a centralized management console.

You also need to configure a Windows Server 2012 R2 or Windows Server 2012 domain controller as a member of the local administrator group on your computer. A local administrator group is a special group that performs administrative tasks on a computer, including managing Windows startup and shutdown settings.

Once your Active Directory Domain Services (AD DS) are created, configure them as described in the following steps:

Create a user account with the same name and password as the one used for the TPM owner account.

Configure permissions on this account so that it has full control over all objects it manages.

Add this account to the local Administrators group on all computers in your network where certificates will be stored and managed by this toolkit.

Only use the domain-joined device that is a part of the local administrator group.

How do I back up TPM keys?

Once you have enabled this setting, all the TPM information will be backed up automatically from then on. It’s also important to note that some Active Directory Domain Services automatically back up the TPM keys.

How do I reset TPM without losing data?

You can reset the Trusted Platform Module (TPM) without losing data. However, you need to be aware of several things.

Before resetting your TPM, you should check that it is supported by your computer’s BIOS. If it isn’t, then you will have to contact the manufacturer of your computer to see whether or not they have released a BIOS update that will support the resetting of your TPM. If they have, then you can simply download and install the update from their website.

After you have reset the TPM, you’re probably asking yourself what happens when you clear the TPM keys. When you clear the TPM keys, the key is removed from the hardware and memory. The key is deleted from memory when your computer boots up.

Once the operating system starts, it checks to see if a previously cleared TPM key exists. If it does not, then a new one will be generated and assigned to your account.

And that’s how to back up your TPM keys in Windows 11. The same procedure also applies to Windows 10.
