11-17-2024 08:56 AM
On a fresh install of Windows 11 Home 24H2 with the latest drivers and BIOS firmware installed, I can't enable Device Encryption.
System Information run as administrator shows "Reasons for failed automatic device encryption: PCR7 binding is not supported". The BIOS is configured with secure boot and running tpm.msc shows the TPM is ready for use with version 2.0, and Secure Boot Status is On. BIOS is in UEFI boot mode.
powercfg /a shows that S0 is not available, but it seems that since Windows 11 24H2 modern standby is no longer a requirement.
Other places I've checked: this post suggests a fresh install deleting everything but that didn't help. This forum post also mentions problems with PCR7 binding. This page mentions "you have peripherals connected to your device during boot (like specialized network interfaces, docking stations, or external graphic card)". Does X670E-F have something like this and if so is it possible to turn it off?
I'd be grateful for any suggestions on how to make this work. Thanks!