I've been exploring options for when and how I should switch to Windows 11. I'm currently using a two-year-old desktop running Windows 10 Pro. It specs were relatively high end and customized when I had the machine built.
According to Microsoft's PC Health Check, the desktop more than meets the requirements to run Windows 11, but with one exception. It currently does not have TPM 2.0. But the Health Check says that it does support Secure Boot.
I've explored the options for having TPM 2.0. For roughly $100 I could purchase an add on TPM chip/module that would plug into a dedicated port on the motherboard. However, the Intel chipset on the motherboard is one that has Intel's PTT built in. From what I've been able to learn from articles on the Internet, if I activate the PTT I would then meet Windows' requirement for TPM 2.0.
I'm in no rush to switch to Windows 11 but do not want to lose the opportunity to acquire a TPM chip if that turns out to be the root I need to go. I'm tempted to activate the built-in PTT and see what happens – I've looked at the relevant switch on the motherboard's UEFI/BIOS to do this but have yet to do anything.
Before going down this route I'm wondering if someone can explain to me the practical consequences of activating TPM. (And I believe Secure Boot would be activated automatically if I activate the TPM – but I may be wrong on this point.)
I've read some of the technical explanations about what TPM and Secure Boot do but I am not at all clear on what they do in the real world. All that I've seen is that they possibly can stop the ability to use some types of operating systems, including legitimate ones such as Linux; but I don't know if that's true.