how to enable secure boot in bios - Brave Search

How do I enable secure boot on my desktop PC?

reddit.com › r › techsupport › comments › umrsc7 › how_do_i_enable_secure_boot_on_my_desktop_pc

TPM ACTIVATION: In BIOS (spam delete or F2 when booting), hit F7 (Advanced Mode), then go to the "Advanced" tab. Where it says "AMD fTPM Configuration" switch the TPM Device Selection to "Firmware TPM". F10 to save and exit. SECURE BOOT ACTIVATION: In BIOS (spam delete or F2 when booting), hit F7 (Advanced Mode), then go to the "Boot" tab. Where it says "Secure Boot" switch it to "Enabled". F10 to save and exit. Another option would be to upgrade your BIOS to the latest and it should activate all that stuff for you since they're now coming as "Windows 11 ready" Answer from JustAnotherN3rd on reddit.com

Microsoft Support

support.microsoft.com › en-us › windows › windows-11-and-secure-boot-a8ff1202-c0d9-42f5-940f-843abef64fad

Windows 11 and Secure Boot - Microsoft Support

Learn how to change settings to enable Secure Boot if you are not able to upgrade to Windows 11 because your PC is not currently Secure Boot capable.

reddit.com › r/techsupport › how do i enable secure boot on my desktop pc?

r/techsupport on Reddit: How do I enable secure boot on my desktop PC?

May 10, 2022 -

I want to upgrade to Windows 11 (from Windows 10) and I need to have "Secure boot" enabled.

My motherboard is "ASUS PRIME A320M-K (AM4)" and I've followed the steps of this video selecting the option "Windows UEFI Mode" but when I open the "PC Health Check" app it keeps saying that I need to enable secure boot. I don't know what else to do.

This is the video that I've followed (1 min long): https://www.youtube.com/watch?v=Z0QxzpfwEz4

And this is the screenshot of the PC Health Check app: https://i.imgur.com/UJVRmqY.jpg

TPM ACTIVATION: In BIOS (spam delete or F2 when booting), hit F7 (Advanced Mode), then go to the "Advanced" tab. Where it says "AMD fTPM Configuration" switch the TPM Device Selection to "Firmware TPM". F10 to save and exit. SECURE BOOT ACTIVATION: In BIOS (spam delete or F2 when booting), hit F7 (Advanced Mode), then go to the "Boot" tab. Where it says "Secure Boot" switch it to "Enabled". F10 to save and exit. Another option would be to upgrade your BIOS to the latest and it should activate all that stuff for you since they're now coming as "Windows 11 ready"

i dont want to deal with reboots and stuff, how do i play valorant without all that bs? casual users are not into programming and advanced stuff

Discussions

Secure Boot State - how do I turn on?

If your builder installed Windows in "Legacy" or "CSM" mode, enabling Secure Boot now will stop Windows from loading. To check this, press Windows + R, type msinfo32, and press Enter. Look for the line BIOS Mode. If it says UEFI, you are safe to proceed. More on learn.microsoft.com

learn.microsoft.com

2

0

December 22, 2025

How do I enable secure boot 2.0

You can find it in the motherboard manual. More on reddit.com

r/pcmasterrace

11

1

June 18, 2024

How do I enable secure boot?

Hi I'd begin by restoring BIOS/UEFI defaults and go from there As a note.. If you prep yourself an install of Windows 11 using RUFUS you can turn off all these security requirements. Then if you feel you need them you can enable them anyway if you choose. To continue from your question. It would be helpful to know the motherboard model and revision you are using so we can cross check the settings available and what change may affect another. MSI made more than one type of board over the years :) MSI said in general... MSI Statement on Secure Boot January 19,2023 MSI implemented the Secure Boot mechanism in our motherboard products by following the design guidance defined by Microsoft and AMI before the launch of Windows 11. We preemptively set Secure Boot as Enabled and "Always Execute" as the default setting to offer a user-friendly environment that allows multiple end-users the flexibility to choose from thousands of different components (or even more) that include built-in option ROM, including OS images, resulting in higher compatibility configurations. For users who are highly concerned about security, they can still set “Image Execution Policy” as "Deny Execute" or other options manually to meet their security needs. MSI will be rolling out new BIOS files for motherboards with ”Deny Execute” as the default setting for higher security levels. MSI will also keep a fully functional Secure Boot option in the BIOS for end-users so that they can modify it according to their needs. ▲ “Image Security Policy” can be found in “Security\ Secure Boot” or “Settings\ Security\ Secure Boot” with “Security Boot Mode” set to “Custom”. I think you've changed something else other than Secure Boot. And its nothing to do with your drive partition style GPT or MBR, its irrelevant. Secure boot is only relevant to verifying the boot software. It works with both MBR and GPT devices. The constraints are actually that of the firmware: UEFI needs GPT (except in Legacy mode), while BIOS needs MBR. As a GPT disk has a fake MBR header, it can work with a device that requires MBR (with limitations). More on reddit.com

r/computerhelp

4

2

April 8, 2024

How to enable secure boot

In my case, no matter what I was doing, the device didn't want to save that setting. Fortunately, there is an easy to way to enter BIOS with Secure Boot enabled. After starting the device, you need to hold the volume down button until BIOS opens. More on reddit.com

r/ASUSROG

19

7

October 24, 2023

Videos

How To Turn On Secure Boot | Step by Step Guide | Asus, Asrock, ...

How to Enable Secure Boot in Windows 11 (Step-by-Step Tutorial) ...

How to Enable Secure Boot - YouTube

How to Enable Secure Boot in Windows 11 | Step By Step Guide - YouTube

September 28, 2025

How to access UEFI BIOS to turn on Secure Boot option - YouTube

February 18, 2026

How to enable Secure Boot on your PC - YouTube

cbtnuggets.com › tutorials › how-to-enable-secure-boot-windows

How to Enable Secure Boot in Windows | CBT Nuggets Tutorial

If you have an older Intel system, you might not see all these options. In that case, go to "Key Management" and choose "Install Default Secure Boot Keys." The BIOS will ask if you're sure—select Yes.

dell.com › support › kbdoc › en-us › 000190116 › how-to-enable-secure-boot-on-your-dell-device

How to Enable Secure Boot on Dell Devices for Windows 11 | Dell US

May 11, 2026 - Once you enter the BIOS, look for the Secure Boot option. Change Secure Boot to Enabled. Select Apply or Save and Exit, depending on your computer. The computer will restart and boot back to the Windows desktop. For more information about the BIOS, review the System Manual for your computer ...

help.ea.com › home › technical issues › how to use secure boot

How to use Secure Boot on PC

1 week ago - To use Secure Boot, TPM 2.0 needs to be turned on, your Windows disk must be set to GPT, and your BIOS to UEFI. When these requirements are met, you can enable Secure Boot from your PC’s Advanced startup. Follow the steps in our guide for help enabling Secure Boot and checking if your PC ...

asus.com › support › faq › 1050047

How to Enable/Disable Secure Boot | Official Support | ASUS Global

3 weeks ago - For those utilizing Notebook, ... enter BIOS configuration. When the device is completely shut down, persistently hold the [F2] key on the keyboard and simultaneously press the [Power button] to boot up....

asrock.com › support › faq.asp

My software requires Secure Boot to be enabled. How can I ...

Step 1. Please press the "F2” key during POST to enter BIOS setup. Go to Boot\CSM (Compatibility Support Module) and set "CSM" to "Disabled". Press the "F10” key to save configuration changes. Step 2. Go to Security\Secure Boot and set "Secure Boot Mode" to "Custom".

Find elsewhere

Google Bing Mojeek

itarian.com › blog › how-to-enable-security-boot

How to Enable Security Boot in BIOS

November 20, 2025 - Start by entering the firmware interface. ... Restart your PC and repeatedly press the correct key. Secure Boot only works in UEFI. Check boot mode under the BIOS Boot tab. Change it to UEFI.

blog.comodo.com › home › strengthening system security: enabling secure boot in windows

Enable Secure Boot on Windows Devices - Comodo News

September 29, 2025 - Your device will restart into the firmware interface. ... Press the key repeatedly during boot to enter the setup screen. ... Go to the Boot or Security tab. Locate the Secure Boot option. Change the setting from Disabled to Enabled.

Multicare Technical

multicaretechnical.com › home › computers › 🔐 how to enable secure boot – complete step-by-step guide

How to Enable Secure Boot in BIOS (Windows 11/10, HP, ASUS, Gigabyte, Lenovo)

November 14, 2025 - Enter UEFI BIOS Settings. Go to Security, Boot, or Advanced tab. Find Secure Boot option. Set it to Enabled.

wikihow.com › computers and electronics › operating systems › windows › how to enable secure boot & tpm 2.0 in your pc's bios: guide

How to Enable Secure Boot & TPM 2.0 in Your PC's BIOS: Guide

February 16, 2026 - If you have a Restart button but not a BIOS setup button, follow these instructions: Navigate to Settings > Advanced > Windows OS Configuration. Depending on your computer, these menu items may have different names, but they should be similar.

Microsoft Learn

learn.microsoft.com › en-us › answers › questions › 5675921 › secure-boot-state-how-do-i-turn-on

Secure Boot State - how do I turn on? - Microsoft Q&A

Hi Dr. James Parker,

Regarding your concern about the "red flag," you can generally rest easy. While it is true that pre-built systems from major manufacturers (like Dell, HP, or Lenovo) are required by Microsoft to ship with Secure Boot enabled, custom-built PCs behave differently. Motherboard manufacturers often ship boards with Secure Boot disabled or in "Setup Mode" by default to maximize compatibility with a wide range of hardware, older graphics cards, and operating systems during the initial build process. It is likely your builder simply installed Windows and verified stability without taking the final step to lock down the boot process. It is less a sign of malice and more a sign of a standard, compatibility-first assembly process.

However, before you attempt to enable it, we must verify a critical prerequisite to prevent your system from becoming unbootable. Secure Boot strictly requires the UEFI boot mode and a GPT partition style hard drive. If your builder installed Windows in "Legacy" or "CSM" mode, enabling Secure Boot now will stop Windows from loading. To check this, press Windows + R, type msinfo32, and press Enter. Look for the line BIOS Mode. If it says UEFI, you are safe to proceed. If it says Legacy, do not enable Secure Boot yet; you would first need to convert your drive using the MBR2GPT tool, or Windows will fail to start.

Assuming your BIOS Mode confirms "UEFI," you can enable Secure Boot by restarting your computer and pressing the setup key (usually Del or F2) to enter the BIOS menu. Navigate to the Boot, Security, or Windows OS Configuration tab (this varies by motherboard brand like ASUS, MSI, or Gigabyte). You first need to find a setting called CSM (Compatibility Support Module) and ensure it is set to Disabled. Secure Boot cannot be active while CSM is enabled.

Once CSM is disabled, locate the Secure Boot option. If you toggle it to "Enabled" but it immediately reverts to "Disabled," or if the system reports it is in "Setup Mode," you need to load the factory encryption keys. Look for an option explicitly named Restore Factory Keys, Install Default Secure Boot Keys, or Change to User Mode. After installing these keys, the Secure Boot status should successfully switch to "Enabled." Save your changes (usually F10) and reboot.

I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

VP

To turn on Secure Boot, follow these steps:

Uninstall any incompatible hardware or operating systems: Ensure that any graphics cards, hardware, or operating systems that aren't compatible with Secure Boot are removed.
Access the PC BIOS menu: You can usually access this menu by pressing a key during boot, such as F1, F2, F12, or Esc. Alternatively, from Windows, hold the Shift key while selecting Restart, then go to Troubleshoot > Advanced Options: UEFI Firmware Settings.
Locate the Secure Boot setting: Find the Secure Boot option, which is typically in the Security, Boot, or Authentication tab. If available, set it to Enabled. On some PCs, you may need to select Custom and load the Secure Boot keys that are built into the PC.
Save changes and exit: After enabling Secure Boot, save your changes and exit the BIOS. Your PC will reboot.
Troubleshoot if necessary: If your PC fails to boot after enabling Secure Boot, you may need to go back into the BIOS and disable Secure Boot.

Regarding your concern about the computer being delivered with Secure Boot turned off, it is not uncommon for custom-built PCs to have Secure Boot disabled, especially if they were configured to run non-certified operating systems or hardware. The default state can vary based on the manufacturer and specific configurations.

References:

Disabling Secure Boot
Secure the Windows boot process

wisecleaner.com › think-tank › 312-How-to-enable-Secure-Boot-in-BIOS-settings.html

How to enable Secure Boot in BIOS settings

August 16, 2021 - 1. Press the power button to turn on the computer, and then immediately press F2 or Fn+F2 to enter the BIOS. 2. Select Security - Secure Boot, then select Enabled

support.faceit.com › hc › en-us › articles › 4406281700370-Enabling-Secure-Boot

Enabling Secure Boot – FACEIT

If you are not familiar with making changes in your BIOS we recommend contacting a professional. ... In the System Information window, BIOS Mode should display UEFI and Secure Boot State should be set to On

dell.com › support › contents › en-us › videos › videoplayer › how-to-enable-secure-boot › 6333794882112

How To Enable Secure Boot | Dell US

Navigate to the “Boot Configuration” tab on the left menu. Set the boot mode to “UEFI” only and enable “Secure Boot”. Click on “Apply Changes” and exit BIOS. To enable Secure Boot in systems manufactured before 2021, expand the “General” section.

intel.com › product support › server products › server boards

How to Enable Secure Boot in Intel® Server Boards?

Follow these steps to properly configure Secure Boot and resolve the warning message · Access BIOS Setup by pressing F2 repeatedly during system POST (Power-On Self-Test) when the Intel logo appears

asus.com › support › faq › 1049829

[Motherboard] How to enable or disable Secure Boot ? | Official Support | ASUS Global

Secure Boot State：The option is in gray as default and can't manually set. It is synced with Secure Boot Keys ... If it shows as On, it means Secure Boot is Enabled.

msi.com › blog › how-to-enable-secure-boot-and-tpm-2.0-on-msi-am4-motherboards

How to Enable Secure Boot and TPM 2.0 on MSI AM4 Motherboards

September 18, 2025 - How to enable Secure Boot? 1. Verify that the system disk is using GPT partition style. If it is MBR, use the Windows built-in MBR2GPT tool to convert it. 2. Switch the motherboard BIOS mode from CSM to UEFI. 3. Enable Secure Boot.

wikihow.com › computers and electronics › operating systems › windows › how to turn on secure boot on windows 10 & 11: simple guide

How to Turn on Secure Boot on Windows 10 & 11: Simple Guide

March 10, 2026 - If you have a Restart button but not a BIOS setup button, follow these instructions: Navigate to Settings > Advanced > Windows OS Configuration. Depending on your computer, these menu items may have different names, but they should be similar.

itarian.com › blog › how-to-enable-secure-boot

How to Enable Secure Boot on Your PC (Step-by-Step Guide)

July 31, 2025 - Windows 10/11 or a Secure Boot-compatible OS is installed. TPM (Trusted Platform Module) may be enabled for full security. Press Win + R, type msinfo32, and hit Enter. Look for Secure Boot State. ... Restart your PC.