TroubleChute Logo
ENABLE SECURE BOOT, TPM & UEFI GUIDES

Enable Secure Boot, TPM and UEFI on Gigabyte AORUS

Published: Oct 1, 2025
Last Edit: Oct 2, 2025
UEFI BIOS
485 Words, 2 Minutes.

Note about TPM

While a lot of motherboards support Secure Boot, most (even semi-modern) motherboards have a TPM or TPM 2.0 chip physically present.

If your motherboard does not have a dedicated TPM, it can come built-in to your CPU. This usually comes in a few names. Keep an eye out for:

If a dedicated chip is present it can show as dTPM or fTPM, for example. You may need to search a specific guide for your exact motherboard model if this generalized guide does not help you.

Note about UEFI mode

Enabling Secure Boot or TPM often requires UEFI mode to be enabled as well. While this is just a one-click toggle in the firmware settings, you do need your Windows configuration and drive to match BEFORE enabling this, or you may not be able to boot at all until this step is undone. Your drives need to be the newer GPT partition format.

Please view and verify UEFI mode can be enabled by checking the Convert MBR drives to GPT Guide.

Reboot into firmware settings

If you’re logged into Windows:

  1. Open this guide on another device, as your system will only show firmware settings when you’re in the UEFI/BIOS settings screen.
  2. Press Start or Windows and search for CMD. Open Command Prompt as Administrator.
  3. Type: shutdown /r /fw and press Enter to reboot your system directly into your firmware settings.

Alternatively:

  1. Reboot your system as normal.
  2. While booting: when you see your motherboard’s logo there is usually text below saying Press F2, F12, Delete or any other combination of buttons to enter Settings, BIOS or UEFI. Press that key while still on this screen.
  3. You should now be in your BIOS/UEFI settings ready to adjust your configuration.

On my system I needed to press Delete.

Enable UEFI mode

Gigabyte AORUS boards require UEFI for Secure Boot and TPM. Here’s how to set it up.

  1. Press F2 (or the key shown) to access Advanced Mode.
    Landing page
  2. Go to the Boot tab.
    Boot Settings page
  3. Find CSM Support, enter it, and set to Disabled.
  4. Escape back, then navigate to Save & Exit and select Save & Exit Setup to apply.

UEFI should be active after rebooting.

Enable Secure Boot

  1. Re-enter (if you exited) your Advanaced Mode bios using F2.
  2. Head back to the Boot tab, and use the arrow keys to go down past the last option on the screen (to scroll) down to Secure Boot
    Lower on the Boot tab
  3. Select and press Enter on Secure Boot. Change this to Enabled.
    Secure Boot tab

Enable TPM

  1. Head to the Settings tab at the top.
    Settings tab
  2. Select and open Miscellaneous
  3. Select Trusted Plataform Module and select anything but Disabled from the dropdown. Auto is usually the best here.
    TPM Settings popup
    Image source: HardReset.Info on YouTube

Save and Exit

Use the Right arrow to get to the Save & Exit tab. Choose Save & Exit Setup.

Save & Exit tab
TroubleChute © Wesley Pyburn (TroubleChute)
Support Me Privacy Policy Cookies Policy Terms of Service Change privacy settings Contact