A lot of users complain that
PCR7 Binding is not supported
in Windows 10/11. What causes the PCR7 Binding not supported error? How to fix it? Here,
MiniTool
will explore the answers.
What Is PCR7 Binding
PCR7 Binding is a technology that helps Windows users
encrypt hard drives
on their computers. It is different from Bitlocker. Bitlocker is used for Windows 11/10 Pro, Enterprise, or Education edition. Windows 11/10 Home users cannot use Bitlocker because Windows 11/10 Home does not support it. Instead, they can use the PCR7 Binding technology to encrypt their drives.
PCR7 Binding System Requirements
The PCR7 Binding technology requires some hardware specifications. The PCR7 Binding system requirements are as follows:
If your system has these hardware specifications, you can use the PCR7 Binding technology to encrypt your drives. If not, you will see a message in System Information that PCR7 Binding is not supported.
How to Check If PCR7 Binding Is Not Supported
You can check to see if your PC supports PCR7 binding in System Information. To do this, follow the steps below:
Step 1:
Click
Windows Search
and type
system information
.
Step 2:
Now, right-click on the
System Information
app and select
Run as administrator
. Click
Yes
on the UAC prompt.
Step 3:
In the System Information application, make sure
System Summary
is selected in the left pane.
Step 4:
If your device supports PCR7 Binding, you will see
PCR7 Configuration Binding Possible
. If not, you will see
PCR7 Configuration Binding Not Possible
.
Step 5:
Then check whether you can enable Device Encryption. To do that, scroll down the System Information page and find
Device Encryption Support
. If your device doesn't support Device Encryption, you may see any of the following messages:
Reasons for failed automatic device encryption: TPM is not usable, PCR7 binding is not supported, Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected, TPM is not usable.
Reasons for failed automatic device encryption: Hardware Security Test Interface failed and device is not Modern Standby.
How to Fix PCR7 Binding Is Not Supported
The reason why PCR7 Binding is not supported is that “the TPM and Secure Boot features are disabled; The BIOS boot mode is set to Legacy boot mode instead of UEFI mode; Modern Standby is not enabled”. After analyzing the causes, let's try the following 4 feasible ways to fix the “PCR7 binding is not supported” issue in order until you get the problem solved.
# 1. TPM Support
A TPM is a chip designed to provide hardware-based and security-related functions. It stores encryption keys to provide endpoint security for devices.
TPM is another requirement for Device Encryption on Windows devices. So, check if your device has a TPM chip installed.
Step 1:
Press the
Win + R
key to open the
Run
dialog. Then type
tpm.msc
in it and press
Enter
.
Step 2:
Then the Trusted Management Module Management will launch. If you see the message saying “Compatible TPM cannot be found”, there is no TPM on the computer. If you see the message saying “The TPM is ready to use”, you have it.
If you have Windows 11 installed, you probably meet most of the requirements for Device Encryption, including TPM 2.0 and UEFI firmware support. However, you may still need to enable the TPM in the
BIOS setup utility
.
# 2. Change the BIOS Mode to UEFI
As you know, there are 2 different BIOS modes –
UEFI and Legacy
. If you want to use Device Encryption, you need to set the UEFI as the BIOS mode.
You can open the System Information app to see if your BIOS mode is Legacy or UEFI. If your BIOS mode is Legacy, you should change it to UEFI. To change your BIOS mode from Legacy to UEFI, your disk partition style should be GPT instead of MBR.
Step 1.
Launch the MiniTool software to enter its main interface, and then select the disk that you want to convert and click on
Convert MBR Disk to GPT Disk
from the left action panel. Then click on
OK
to confirm this change.
Step 2.
Click on
Apply
to execute the pending conversion.
Now, you need to change the BIOS mode from Legacy to UEFI. Here’s how to do it:
Step 1:
Power on your computer, and then press the
F2
keys or other function keys (F1, F3, F10, or F12) and the
ESC
or
Delete
keys to open the BIOS Setup utility window.
Step 2:
Navigate to the
Boot
tab by pressing the right arrow key.
Step 3:
Select the
UEFI/BIOS Boot Mode
, and press
Enter
.
Step 4:
In the pop-up window, select the
UEFI Boot Mode
by pressing the up and down arrow keys. Then press the
F10
key and
Enter
to save the change and exit the window.
The process may differ depending on your motherboard manufacturer. If you can’t find the UEFI option, you can check your manufacturer’s website.
Once done, restart your computer and check if the “PCR7 is not supported” issue gets fixed.
# 3. Enable the Secure Boot
Secure Boot is a security feature available on most motherboards with UEFI boot mode enabled. It enables Windows devices to boot using only software trusted by the OEM (Original Equipment Manufacturer).
However, if you have disabled Secure Boot for any reason, you may encounter the “PCR7 binding is not supported” issue. To fix this, you need to enable Secure Boot in your PC's BIOS menu.
Before that, you can verify whether Secure Boot is enabled or disabled in your system. Here's how:
Step 1:
Open the
System Information
window again.
Step 2:
Select
System Summary
from the left panel and check the
Secure Boot State
in the right panel. If it is
On
, skip to the next step. If it is
Off
or
Unsupported
, you need to enable it in BIOS. To do this work, proceed with the following steps.
Step 3:
Press the
Win + I
key to open the
Settings
window, and then select
Update & security > Recovery
and click on
Restart now
under the
Advanced startup
section. Then your PC will restart right now and
enter into BIOS
.
On Windows 11, you need to open the
Settings
window and select
System > Recovery
from the left panel and click on
Restart now
next to
Advanced startup
from the right panel.
Step 4:
Select
Troubleshoot
and then
Advanced options
in the
Advanced startup
menu.
Step 5:
Select
UEFI Firmware Settings
and click
Restart
to boot your computer into UEFI BIOS.
Step 6:
Select
BIOS Setup
, navigate to the
Secure Boot
category from the left panel and select
Secure Boot Enable
and confirm the option.
The steps to enable Secure Boot may vary for different motherboards. If you can’t find the option, check out the manual provided by your manufacturer.
Once enabled, restart your computer and check if the “PCR7 binding is not supported” issue is gone.
# 4. Modern Standby Support
Modern Standby is also known as S0 Low Power Idle Mode. A message in System Information means that Modern Standby is disabled on your device or is not supported by your system. If you want to use Device Encryption on your system, you should enable Modern Standby mode.
To check if your system supports Modern Standby, the steps are as follows:
Step 1:
Press the
Win + S
key to evoke the
search bar
. Then type
cmd
to locate
Command Prompt
and right-click on it to choose
Run as administrator
.
Step 2
: Type
powercfg /a
and press
Enter
.
Step 3
: If you see
Standby (S0 Lower Power Idle) Network Connected/Disconnected
, you have enabled
Modern Standby
.
Once done, restart your computer and check if the “PCR7 is not supported” issue gets fixed.
In this case, you can use third-party software to encrypt your hard drive. VeraCrypt and DiskCryptor are some powerful disk encryption software for Windows devices.
How to fix the PCR7 Binding not supported problem on Windows 10/11? The top 4 methods have been illustrated in this post. If you have other effective troubleshooting fixes to this problem, leave them down in the following comment zone to help more affected users.
In addition, you can send us an email to
[email protected]
if you have difficulty using MiniTool Partition Wizard and instant help will be for you.
User Comments :
Post Comment