From edfde175b33f0d63725670f074325980f97a682e Mon Sep 17 00:00:00 2001 From: Hany Farag Date: Mon, 12 Jun 2017 10:15:27 -0700 Subject: [PATCH] Create tpm-recommendations.md I own the TPM and we need to make a clarification that Bitlocker on TPM 2.0 requires UEFI boot. --- windows/device-security/tpm/tpm-recommendations.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/device-security/tpm/tpm-recommendations.md b/windows/device-security/tpm/tpm-recommendations.md index 20d05b68d2..45cf1ca6a9 100644 --- a/windows/device-security/tpm/tpm-recommendations.md +++ b/windows/device-security/tpm/tpm-recommendations.md @@ -101,7 +101,7 @@ The following table defines which Windows features require TPM support. | Windows Features | Windows 10 TPM 1.2 | Windows 10 TPM 2.0 | Details | |-------------------------|----------------------|----------------------|----------| | Measured Boot | Required | Required | Measured boot requires TPM 1.2 or 2.0 and UEFI Secure boot. | -| Bitlocker | Required | Required | TPM 1.2 or later required or a removable USB memory device such as a flash drive. | +| Bitlocker | Required | Required | TPM 1.2 or later required or a removable USB memory device such as a flash drive. Please note that TPM 2.0 requires UEFI boot in order for Bitlocker to work properly | | Passport: Domain AADJ Join | Required | Required | Supports both versions of TPM, but requires TPM with HMAC and EK certificate for key attestation support. | | Passport: MSA or Local Account | Required | Required | TPM 2.0 is required with HMAC and EK certificate for key attestation support. | | Device Encryption | Not Applicable | Required | TPM 2.0 is required for all InstantGo devices. | @@ -120,4 +120,4 @@ Government customers and enterprise customers in regulated industries may have a ## Related topics -- [Trusted Platform Module](trusted-platform-module-top-node.md) (list of topics) \ No newline at end of file +- [Trusted Platform Module](trusted-platform-module-top-node.md) (list of topics)