TroubleChute Logo
ENABLE SECURE BOOT, TPM & UEFI GUIDES

Enable Secure Boot, TPM and UEFI on MSI

Published: Oct 1, 2025
Last Edit: Oct 1, 2025
UEFI BIOS
538 Words, 2 Minutes.

Note about TPM

While a lot of motherboards support Secure Boot, most (even semi-modern) motherboards have a TPM or TPM 2.0 chip physically present.

If your motherboard does not have a dedicated TPM, it can come built-in to your CPU. This usually comes in a few names. Keep an eye out for:

If a dedicated chip is present it can show as dTPM or fTPM, for example. You may need to search a specific guide for your exact motherboard model if this generalized guide does not help you.

Note about UEFI mode

Enabling Secure Boot or TPM often requires UEFI mode to be enabled as well. While this is just a one-click toggle in the firmware settings, you do need your Windows configuration and drive to match BEFORE enabling this, or you may not be able to boot at all until this step is undone. Your drives need to be the newer GPT partition format.

Please view and verify UEFI mode can be enabled by checking the Convert MBR drives to GPT Guide.

Reboot into firmware settings

If you’re logged into Windows:

  1. Open this guide on another device, as your system will only show firmware settings when you’re in the UEFI/BIOS settings screen.
  2. Press Start or Windows and search for CMD. Open Command Prompt as Administrator.
  3. Type: shutdown /r /fw and press Enter to reboot your system directly into your firmware settings.

Alternatively:

  1. Reboot your system as normal.
  2. While booting: when you see your motherboard’s logo there is usually text below saying Press F2, F12, Delete or any other combination of buttons to enter Settings, BIOS or UEFI. Press that key while still on this screen.
  3. You should now be in your BIOS/UEFI settings ready to adjust your configuration.

On my system I needed to press Delete.

Enable UEFI mode

This is displayed slightly differently - even from motherboard to motherboard from the same manufacturer.

  1. Press F7 to enter Advanced Mode.
    Advanced Mode
  2. Use the arrow keys and Enter to navigate into Advanced menu
    Advanced Settings page
  3. Enter Windows OS Configuration
    Windows OS Configuration page
  4. Hit Enter on Windows 10 WHQL Support and choose UEFI instead of Legacy or Compatability.
  5. Note: If you just changed into UEFI mode, you may have a restart pending before more settings can be adjusted. Hit Escape a few times to go back until you see Save & Exit on the Advanced Mode home page. Select it and press Enter to reboot your system, now in UEFI mode.

Your system should now reboot in UEFI mode.

Enable Secure Boot

  1. From the main Advanced Mode menu, select Advanced.
  2. Enter Windows OS Configuration
    Windows OS Configuration page
  3. Select Secure Boot
    Secure Boot page
  4. Make sure Secure Boot is set to Enabled, and Secure Boot Mode can be set to Standard, unless you require something different.

Enable TPM

  1. From the main Advanced Mode menu, select Security
    Security tab
  2. Select Trusted Computing
  3. Make sure Security Device Support is set to Enabled, and TPM Device Selection is set to anything other than Disabled or None.
    Enable TPM

Save and Exit

Hit Escape a few times to go back until you see Save & Exit on the Advanced Mode home page.

Your system should now reboot with UEFI, Secure Boot and TPM all enabled.

TroubleChute © Wesley Pyburn (TroubleChute)
Support Me Privacy Policy Cookies Policy Terms of Service Change privacy settings Contact