This article explains enabling or disabling the Clear TPM button in the Windows Security app in Windows 11.
TPM technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure cryptoprocessor that helps you generate, store, and limit the use of cryptographic keys.
The Windows Security app has a Clear TPM button that lets users clear and reset their device TPM module to the default settings. When you click the
Clear TPM button, your device will restart and complete the actions.
When you clear your device’s TPM chip settings, it will reset many security settings in Windows, including your PIN and other Windows Hello features.
You can turn off the Clear TPM button in the Windows Security app to prevent users from using it. Enable it if you want to use it again.
Turn on or off the Clear TPM button in Windows Security app
As mentioned above, you can turn off the Clear TPM button in the Windows Security app to prevent users from resetting your device’s TPM settings.
Here’s how to do it.
First, open the Local Group Policy Editor.
Then expand the following folders Computer Configuration -> Administrative Templates -> Windows Components -> Windows Security -> Device security.
Computer Configuration -> Administrative Templates -> Windows Components -> Windows Security -> Device security
Next, click on the Device security folder on the left panel, and double-click the setting on the right called “Disable the Clear TPM button” to open.
When the setting window opens, select one of the options:
- Not Configured – Same as Disabled. Users can access the Clear TPM button.
- Enabled – The Clear TPM button will be unavailable for use.
- Disabled – The Clear TPM button will be available for use.
Save your settings and restart your computer for the changes to apply.
Enable or Disable the Clear TPM button via Windows Registry Editor
Yet another way to turn on or off the Clear TPM button in the Windows Security app is to use the Windows Registry Editor.
If you can’t open the Local Group Policy Editor, use the Windows Registry editor instead.
Open the Windows Registry, and navigate to the two folder keys below.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Device security
If you don’t see the Device security folder key, right-click on the Windows Defender Security Center key, then create the subkey (Device security) folders.
Right-click the Device security folder key’s right pane and select New -> DWORD (32-bit) Value. Type a new key named DisableClearTpmButton.
Double-click the new key item name (DisableClearTpmButton) and make sure the Base option is Decimal, and then update the Value data:
- To disable the Registry Editor, type 1.
- To enable the Registry Editor, delete the name DisableClearTpmButton created above.
Save your changes and restart your computer.
That should do it!
This post showed you how to enable or disable the Clear TPM button in the Windows Security app. If you find any errors above or have something to add, please use the comments form below.