How to fix yellow exclamation mark in Device Manager

How do I fix the yellow exclamation mark on Windows 10?

A yellow exclamation mark on a Windows drive usually appears when the drive is low on space, but if you're installing Windows 10, it could be due to Bitlocker drive encryption being turned off.

If your drive has a yellow exclamation mark as shown above, try checking to see if Bitlocker on your computer is turned off.

Type PowerShell in the search box, then right-click PowerShell in the search results and select Run As Administrator.

The PowerPoint window will appear.

You enter the Get-BitLockerVolume command

You will see a list of Bitlocker drives. Note that Protection Status is Off. Now we just need to turn it on.

How to enable BitLocker encryption on Windows?

To enable BitLocker encryption on Windows you can go Control Panel, then select BitLocker Driver Encryption

To open the Control Panel on Windows 10, you can click on the "Start" button (Windows icon) located on the bottom-left corner of your screen.

Next, Type "Control Panel" into the search bar.

Finally, Click on the "Control Panel" app that appears in the search results.

Next, select the BitLocker Driver Encryption item.

Click 'Turn on BitLocker'

If you get an error 'This device can’t use a Trusted Platform Module. Your administrator must select the “Allow BitLocker without a compatible TPM” option in the “Require additional authentication at startup” policy for OS volumes.' you can fix as shown below.

How to fix 'This device cannot use a Trusted Platform Module' error on Windows.

If you're encountering the "This device cannot use a Trusted Platform Module" error on Windows, it could be due to various reasons

If you use Microsoft's Bitlocker data encryption feature to encrypt your hard drive or USB on Windows and you receive the error message above after setting up BitLocker. This means that your computer does not have a TPM chip (Trusted Platform Module).

Here's a step-by-step guide to troubleshoot and potentially fix this issue:

1. Check TPM Compatibility: Ensure that your device's hardware supports Trusted Platform Module (TPM). TPM is a hardware-based security feature, and not all devices come with it.

2. Enable TPM in BIOS/UEFI: If your device supports TPM but it's disabled in BIOS/UEFI settings, you need to enable it. Restart your computer and enter BIOS/UEFI settings by pressing a specific key (usually F2, F10, or Del) during startup. Look for TPM settings and enable it if it's disabled. Save changes and exit BIOS/UEFI.

3. Update BIOS/UEFI Firmware: Sometimes, outdated firmware can cause compatibility issues with TPM. Check your device manufacturer's website for BIOS/UEFI updates and install the latest version.

4. Clear TPM: If TPM was previously enabled but you're still encountering the error, try clearing the TPM.

   • Press Win + R to open the Run dialog, then type tpm.msc and press Enter to open the TPM Management console.
   • In the console, click on "Clear TPM" option from the right-hand side panel. Next, Follow the on-screen instructions to clear the TPM.

5. Check TPM Services: Ensure that TPM-related services are running properly. To do this:

   • Press Win + R to open the Run dialog, then type services.msc and press Enter to open the Services console.
   • Look for services like "Trusted Platform Module" or "TPM Base Services". Make sure they are set to "Automatic" startup type and are running. If not, right-click on the service, select Properties, set Startup type to Automatic, and start the service.

6. Update Windows: Ensure that your Windows operating system is up-to-date. Sometimes, Microsoft releases updates to address compatibility issues and bugs related to TPM.

7. Driver Updates: Make sure all drivers on your system, especially chipset drivers, are up-to-date. Visit your device manufacturer's website or use Windows Update to check for driver updates.

8. Check for Malware: Sometimes, malware or viruses can interfere with TPM functionality. Run a full system scan using your preferred antivirus software to ensure your system is clean.

9. Contact Manufacturer Support: If none of the above steps resolve the issue, it's possible there's a hardware problem with your TPM module. Contact your device manufacturer's support for further assistance or to inquire about warranty options.

Another way you can use Group Policy Editor to fix "This device cannot use a Trusted Platform Module".

How to enable Trusted Platform Module?

Press the Windows+R key combination to open the Run dialog box, then type gpedit.msc, press Enter.

Click Expand Computer Configuration -> Administrative Templates ->Windows Components ->BitLocker Drive Encryption ->Operating System Drives.

On the Operating System Drives tab, find the Require additional authentication at startup option, then right-click Require additional authentication at startup -> select Edit.

Select Enabled at the top of the left pane and check Allow BitLocker without a compatible TPM. then select Apply -> OK and close the Group Policy Editor window.

Next, Press the Windows+R key combination to open the Run dialog box, then type cmd, and then press Enter.

At the CMD interface, type gpupdate, then Enter to update the policy change.

Wait until the policy update is successful. You will receive the message 'Computer Policy update has completed successfully' as below.

Now, Open your BitLocker Driver Encryption again from the Control Panel, then click 'Turn on BitLocker'

Select Enter a password or Insert a USB flash drive method

I will choose the password input method, then enter a strong password

Netx, Choose the data saving method you want

Finally, Click Activate Bitlocker button to finish

Return to your computer and you will no longer see the yellow exclamation mark drive warning.