Attempting to migrate from an old Windows version to the latest Windows 11 and getting the ‘Secure Boot is not enabled on this machine,’ you are not alone. The secure boot is not enabled on this machine Windows 11 error is a common issue faced by many users.
There are a few things that you need to take care of if you have made up your mind to upgrade. These include enabling Trusted Platform Module (TPM) 2.0, and Secure Boot in the BIOS of the computer motherboard as the initial steps. Among these TPM and secure boot are the most important to ensure the security of the device.
Secure Boot is Not Enabled on This Machine Windows 11
This is a security protocol coming from members of the PC industry to make sure the device boots are using the original and trusted software that is verified by the original equipment manufacturer (OEM).
The Windows error ‘Secure Boot is not enabled on this machine’ could be encountered multiple times. Either this could be while upgrading to the latest version of Windows or while installing an application or a game on the PC. So here are the best remedies when the issue is faced while installing Windows 11.
Allow me to introduce the best workarounds:
Enable Secure Boot
- Go to the PC BIOS Menu. This could be done by pressing a key like F1, F2, F12, Esc, etc. based on the maker, all the while your PC is booting. Alternatively, press Shift while choosing Restart. Select ‘Troubleshoot and choose ‘Advanced Options: UEFI Firmware Settings.’
- Here you can find the ‘Secure Boot’ settings. Now here toggle it to ‘Enable’ from Security/Boot/authentication tab or it could be ‘Custom’ from where you have to load the ‘Secure Boot.’ Now reset the BIOS to factory settings.
- Next, save changes and exit.
- Reboot the PC.
Now if the PC does not boot even after enabling the secure boot it is time to go back to the BIOS menus and disable Secure Boot, and attempt PC boot once more, it should work.
Check TPM 2.0 Status
To find if the TPM is enabled on your Microsoft Operating system or not you have to go through the following steps.
- Open the ‘Start’ menu.
- In the search box type ‘tmp.msc’ and choose the top results. This will open the ‘Trusted Platform Module (TPM) Management’ tool.
- From the ‘Status’ and ‘TPM Manufacturer Information’ confirm the present version.
Now if your machine has a TPM chip, you can see the relevant information and its current status. If you find ‘Compatible TPM cannot be found’ then it indicates the chips is disabled on UEFI, or even this could indicate there is no compatible Trusted Platform Module on the device.
After this, it is time to enable the TPM 2.0 if it is present.
- Go to Settings.
- Choose ‘Update & Security.’
- Tap on ‘Recovery.’
- From the ‘Advanced Startup’ choose the ‘Restart Now’ button.
- On the next blue screen, choose ‘Troubleshoot.’
- Here select ‘Advanced options.’
- Choose ‘UEFI Firmware settings.’
- Tap on the ‘Restart’ button.
- Here choose the ‘advanced, security, or boot’ page one of which will be on the screen based on the type of motherboard your PC is carrying.
- Now choose the TPM 2.0 and select ‘Enable.’
In the case of Intel, it will be Platform Trust Technology (PTT). If it is an AMD processor or the absence of a TPM chip, the module may appear as fTPM (Firmware-based TPM2.0) or ‘AMD fTPM switch.’ In case of total absence, as it happens with custom motherboards, there is an option to consult the maker using their support or website contact.
Final Words
After the above conditions are met and the options enabled the secure boot is not enabled on this machine Windows 11 error will disappear. You can now upgrade your windows or install that particular stubborn app or game easily now.