Fix: Secure Boot Enabled But Windows 11 Says It's Not [2024]

Written By Steven Arends

Secure Boot is a suite of applications that checks if your operating system is safe to operate on a computer and ensures that the computer starts up with just the OS that the manufacturer trusts.

It is suggested that you install Windows using the newer UEFI mode, which includes more extraordinary security measures like Secure Boot, TPM 2.0, and more.

While checking system information, some users reported that the Secure Boot is disabled, though the feature is enabled on Windows 11 devices.fix-secure-boot-enabled-but-windows-11-says-its-not

If you are concerned and looking for the solutions to this particular issue, you have landed in the right place. In this post, I will show you some proven and tested methods to fix the problem on your Windows 11 device.

So, let’s get started without further ado.

Follow our guide on how to Fix Secure Boot Error to Update to Windows 11

Quick Navigation show

How to fix Secure Boot Enabled But Windows 11 Says It’s Not

Some Windows 11 users reported that after installing the Windows 11, the Secure Boot feature state shows disabled on their device, but the Secure Boot is already enabled from BIOS.

Sometimes, it might happen on a Windows device where Secure Boot is automatically disabled for some missed configuration. So, you don’t need to worry about that. By enabling the Secure Boot feature correctly, it’s possible to solve the issue.

So, to fix the problem, follow some steps that I mentioned below.

Here are the steps to fix the Secure Boot enabled, but Windows 11 says it’s not:

  1. Enable Secure Boot

If your secure boot settings are on User Mode, you can simply enable the Secure Boot feature on Windows 10.

On the other hand, if the secure boot settings are on Setup Mode, follow the steps below:

  • Disable Secure Boot if it is Enabled.
  • Set Standard to Custom if it is Standard.
  • Set Custom to Standard accepting Factory Defaults.
  • Enable the Secure Boot.
  • Check to see whether your problem is solved. If not, follow the next solution.

Read more on how to Boot to Safe Mode in Windows 11

  1. Restore Factory keys

By restoring the Factory Keys on your BIOS, you can fix the issue on your system. So, follow the steps below to restore the factory keys.

Here are the steps to reset the keys:

  • Open BIOS on your computer.
  • Select the Security tab.
  • Navigate to the Secure Boot > Restore Factory keys.
  • Hit the Enter to reset factory defaults.
  • Save the changes and exit the window.
  • Check to see whether your problem is solved.

Follow our guide to Upgrade to Windows 11 on Mac Using Boot Camp

How to fix This PC can’t run Windows 11 Error

In October 2021, Microsoft released the new operating system, Windows 11. In Windows 11, Microsoft declared some system requirements to run the OS smoothly on a PC.

Secure Boot and TPM 2.0 is one of the core requirements of Windows 11, which is a must to run Windows 11 on your device.

The error This PC can’t run Windows 11 appears on your screen when you try to install Windows 11 on your PC, but your device doesn’t meet the minimum system requirements to run Windows 11.

Your device must meet the Secure Boot and TPM 2.0 and the other system requirements to run the Windows 11 on your PC. If your PC meets other system requirements, but the Secure Boot and TPM 2.0 is disabled, you can’t install Windows 11.

So, first, make sure the Secure Boot and TPM 2.0 is enabled on your PC. To enable the Secure Boot and TPM 2.0, follow the below-mentioned steps.

Here are the steps to fix This PC can’t run Windows 11 issue:

  1. Enable UEFI Secure Boot

The first effective and tested method to fix This PC can’t run Windows 11 error is enabling the UEFI Secure Boot on your Windows 10 device.

Here are the steps to enable the UEFI Secure Boot on Windows 10 PC:

  • Open Windows Settings by pressing the Win+I keys.windows-settings-open
  • Select the Update & Security tab on the left-side menu panel.windows-10-update-security
  • Select the Recovery option.
  • Click on Restart now.windows-10-recovery-restart-now
  • Wait for a few seconds to restart your computer. After restart, a blue screen will open with advanced menus.
  • Click on the Troubleshoot.windows-10-troubleshoot-mode
  • Go to Advanced Options.windows-10-troubleshoot-advanced-option
  • Select UEFI Firmware Settings. You will find the Secure Boot setting under the Security, Boot, or Authentication menu.bios-secure-boot-on
  • Enable the Secure Boot feature.bios-secure-boot-on
  • Make sure to save the changes and restart your device.

  1. Enable TPM 2.0

Enabling the TPM 2.0 on your Windows 10 device is another proven and tested method to fix the This PC can’t run Windows 11 error.

By enabling the TPM 2.0, your PC meets the Windows 11 system requirements, and the system allows you to install Windows 11.

Here are the steps to enable the TPM 2.0 on Windows 10 PC:

  • Open Windows Settings by pressing the Win+I keys.windows-settings-open
  • Select the Update & Security tab on the left-side menu panel.windows-10-update-security
  • Select the Recovery option.windows-10-recovery-restart-now
  • Click on Restart now.
  • Wait for a few seconds to restart your computer. After restart, a blue screen will open with advanced menus.
  • Click on the Troubleshoot.windows-10-troubleshoot-mode
  • Go to Advanced Options.windows-10-troubleshoot-advanced-option
  • Select UEFI Firmware Settings. You will find the TPM 2.0 setting under the Advanced, Security, or Trusted Computing menu.
  • Enable the TPM 2.0 feature.
  • Make sure to save the changes and restart your device.

How to Fix This PC must support Secure Boot Error 

Secure Boot is one of the significant requirements to install and run Windows 11 on your device.

If the Secure Boot feature is disabled on your PC, you may encounter the This PC must support Secure Boot error, which means you cannot run the Windows 11 OS without enabling the Secure Boot.

However, to run Windows 11, first, enable the Secure Boot on your device and then try to install the Windows 11.

Here are the steps to enable the UEFI Secure Boot on Windows 10 PC:

  • Open Windows Settings by pressing the Win+I keys.windows-settings-open
  • Select the Update & Security tab on the left-side menu panel.windows-10-update-security
  • Select the Recovery option.windows-10-recovery-restart-now
  • Click on Restart now next to the Advanced startup.
  • Wait for a few seconds to restart your computer. After restart, a blue screen will open with advanced menus.
  • Click on the Troubleshoot.windows-10-troubleshoot-mode
  • Go to Advanced Options.windows-10-troubleshoot-advanced-option
  • Select UEFI Firmware Settings. You will find the Secure Boot setting under the Security, Boot, or Authentication menu.
  • Enable the Secure Boot feature.bios-secure-boot-on
  • Make sure to save the changes and restart your device.

Read more on how to Enable or Disable UAC on Windows 11

How to Check Secure Boot and TPM State on Windows10

Secure Boot and TPM 2.0 are necessary to run Windows 11 on your device. So, first, you need to ensure whether the TPM and Secure Boot are enabled. You also need to know the TPM-supported version of your device because without TPM 2.0; you can’t install Windows 11.

Are you confused about whether the Secure Boot and TPM are enabled or not on your Windows 11/10 PC?

Follow the steps below to check the Secure Boot and TPM state. You can effortlessly check your device’s Secure Boot and TPM status by following the methods below.

Note: The following methods to check the Secure Boot and TPM state also work on Windows 11.

Here are the steps to check the Secure Boot state on Windows 10:

  • Open the Windows Search panel by pressing the Win+S keys or clicking on the Search icon on the taskbar.
  • Type System Information on the search bar, click on the search result or hit the Enter key to open the System Information window.

Under the Item column, you will find the Secure Boot State on your PC. If the state shows On, then the Secure Boot is enabled. If the state shows Off, the Secure Boot is disabled.

Here are the steps to check the TPM version on Windows 10:

  • Open the Windows Search panel by pressing the Win+S keys or clicking on the Search icon on the taskbar.
  • Type tpm.msc on the search bar.
  • Click on the search result or hit the Enter key to open the Trusted Module Platform (TPM) Management window. Under the Status section, you will find the current TPM status on your PC.

Under the TPM Manufacturer Information section, you will find the TPM version next to the Specification Version.

Check out the easiest way to Fix Computer won’t Boot to BIOS on Windows 11

Final Thoughts

Though Secure Boot and TPM 2.0 are mandatory for Windows 11, there are also some essential requirements, such as 1 gigahertz (GHz) or faster with 2 or more cores processors, minimum 4 gigabytes of RAM, 64 GB or larger storage device, and more.

Sometimes, the Secure Boot is enabled, but the system shows it is disabled. Though it’s not a big issue, you need to fix it. By applying the steps I mentioned earlier in this post, you can easily solve the problem within a few minutes.

Here, I described two different errors that Windows users encounter while they try to install Windows 11 on their device. I also described some proven and tested solutions to solve the issues.

That’s all, buddy. If you find this post helpful, share it with your friends to resolve their problems.

Good Bye. See you in the next one.

About The Author
Steven Arends is a computer science graduate and tech enthusiast with over 10 years of experience in the field. He has a vast collection of computer hardware and loves exploring the latest advancements. As a contributing author to 10Scopes, Steven shares his expertise to make the world of technology more accessible and easier to understand for all readers.
Related Posts
turn-bluetooth-on-or-off-in-windows-11
Windows
Turn Bluetooth On or Off in Windows 11 [4 Effortless Methods]
fix-cant-move-already-existing-folder
Windows
Fix: Can’t Move The Folder Because There Is A Folder in The Same Location
delete-windows-11-file-explorer-address-bar-history
Windows
Delete Windows 11 File Explorer Address Bar History [2024]
disable-or-enable-microphone-in-windows-11
Windows
4 Ways to Disable or Enable Microphone in Windows 11 [2024]

Leave a Comment