How to enable TPM module with Windows Hello in 1Password?
Good day,
when I call up the advanced settings in 1Password, the option "Use the Trusted Platform Module (TPM) with Windows Hello" is greyed out under the "Security" 2. Category and cannot be activated.
My computer is only 1/2-year-old, runs with Windows 11 including the latest updates & TPM 2.0 is activated in the BIOS as well as in Windows.
How can I enable this TPM setting?
Translated with Google Translation, so may not be accurate!
1Password Version: 8.6.1
Extension Version: Not Provided
OS Version: Windows 11
Comments
-
Hey @1PassMicha, thanks for reaching out to us.
I'd like to ask you to run a command that will tell us a little bit more about your TPM setup. It won't reveal any sensitive data, it will just tell us the type of storage being used - (2) for software, or (1) for hardware. I'll provide the steps below:
Open Start and search for
PowerShell.In the PowerShell window, copy and paste the following, then hit Enter:
certutil -csp "Microsoft Passport Key Storage Provider" -key -v | Select-String -Pattern "NgcKeyImplType"As an example of the sort of result we expect to see, it should output something like this:
NgcKeyImplType: 1 (0x1)Could you then send us an email addressed to
support+windows@1Password.comand include:- A link to this thread: https://1password.community/discussion/128366/how-to-enable-tpm-module-with-windows-hello-in-1password
- Your forum username:
1PassMicha - The results of the PowerShell command above
We'll look forward to your email and helping you there. Thanks!
Ali
ref: WFM-84782-621
0 -
Hello again ali.hazime,
thanks for the reply, which I received via email today.
Now my new TrustKey G320H https://www.trustkeysolutions.com/security-keys/g320h/ has arrived & I'm in the process of setting it up.
That's why I'm in the process of thoroughly analyzing and rethinking my security concept for my IT and including the TrustKey.
In this respect, it could also be that I do not rely on the solution favored at the beginning of the thread via TPM chip on my motherboard with 1Password, but instead combine the TrustKey with 1Password.
I still have to find out which solution is the safest and most comfortable at the same time...
In the event that someone here is really familiar with this, specifically related to the combination 1Password & TrustKey G320H, I would be grateful for tips!
Perhaps it would also be better to start a new thread here in the forum on the topic "Combination 1Password & TrustKey G Series"?
1PassMicha ... :)
0 -
Hi @1PassMicha,
As a policy, we can't recommend one or the other solutions, they all may have their own pros and cons, there isn't a perfect solution.
A few things of note, you may lose your key, it can be stolen, and/or it could be cloned without your knowledge.
As for 1Password support, it may be grayed out because your current Windows Hello Key may have been enrolled before the TPM support was enabled. Please read my comment here: https://1password.community/discussion/comment/635830/#Comment_635830
0 -
Can someone tell me what the advantage is with this option? I was able to enable it and thought I will have the same benefit like when I use my Macbook with my T2 Chip and don`t need to enter my password even on startup.
With that enabled I need to enter the password and the fingerprint at after a fresh windows start. This is one step more than without TPM enabled.0 -
Hey @Cruncher,
This feature should provide you with the same benefit that you see on your MacBook. If you're being prompted to enter your account password on startup, we'll need to investigate further.
I'd like to ask you to create a diagnostics report from your Windows PC:
Sending Diagnostics Reports (Windows)
Attach the diagnostics to an email message addressed to
support+windows@1password.com.With your email please include:
- A link to this thread: https://1password.community/discussion/128366/how-to-enable-tpm-module-with-windows-hello-in-1password#latest
- Your forum username:
Cruncher
Thanks!
Ali
0
