A Trusted Platform Module (TPM) lockout prevents Okta Verify from authenticating. This lockout occurs when a user enters incorrect passcodes multiple times or when the Windows operating system triggers a security event. Rebooting the computer or using the TPM Microsoft Management Console (MMC) resolves the issue. When this issue occurs, Okta Verify displays the following error message:
Your device's TPM is locked, and Okta Verify cannot be used for authentication.
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Okta Verify
- Trusted Platform Module (TPM) lockout
- Authentication
According to the Microsoft Manage TPM lockout article, the TPM locks itself to prevent tampering or malicious attacks. A TPM lockout occurs when a user enters incorrect passcodes in Okta Verify multiple times within a short period. Other applications or the Windows operating system can also trigger the lockout. The TPM lockout often lasts for a variable period or until the computer turns off.
How is the Trusted Platform Module lockout reset?
Reset the TPM lockout by rebooting the computer or by using the TPM Microsoft Management Console (MMC). Either method restores Okta Verify authentication.
- Reboot the computer.
- Alternatively, follow the instructions in the Reset the TPM lockout by using the TPM MMC section of the Microsoft Manage TPM lockout article.
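
Before applying either fix, a support engineer can confirm that the error really is a TPM lockout. The following PowerShell is an added example, not part of the original article or of Okta's tooling. It reads the lockout fields returned by the Windows `Get-Tpm` cmdlet from an elevated prompt. The function name `Get-TpmLockoutSummary` and the `WarnRemaining` threshold are assumptions made for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: classify the TPM lockout state reported by Get-Tpm.

function Get-TpmLockoutSummary {
    param(
        # Object shaped like Get-Tpm output. Passing it in lets the function
        # be exercised with constructed data on a machine without a TPM.
        [Parameter(Mandatory)] $Tpm,
        # Assumed threshold: flag the device when this few attempts remain.
        [int] $WarnRemaining = 3
    )

    # Failed authorization attempts left before the TPM locks itself.
    [int] $remaining = [int]$Tpm.LockoutMax - [int]$Tpm.LockoutCount

    if (-not $Tpm.TpmPresent) {
        $state  = 'NoTpm'
        $advice = 'No TPM detected; a TPM lockout cannot be the cause.'
    }
    elseif ($Tpm.LockedOut) {
        $state  = 'LockedOut'
        $advice = 'Reboot the computer, or reset the lockout in the TPM MMC (tpm.msc).'
    }
    elseif ($Tpm.LockoutMax -gt 0 -and $remaining -le $WarnRemaining) {
        $state  = 'NearLockout'
        $advice = "Only $remaining failed attempt(s) remain before lockout."
    }
    else {
        $state  = 'Ok'
        $advice = 'TPM is not locked out.'
    }

    [pscustomobject]@{
        State           = $state
        LockoutCount    = $Tpm.LockoutCount     # failures counted so far
        LockoutMax      = $Tpm.LockoutMax       # failures that trigger lockout
        LockoutHealTime = $Tpm.LockoutHealTime  # time for the counter to heal
        Advice          = $advice
    }
}

# Live check on the local machine.
Get-TpmLockoutSummary -Tpm (Get-Tpm) | Format-List
```

A `State` of `LockedOut` matches the Okta Verify error above, and `LockoutHealTime` shows how long the TPM takes to heal its failure counter if the computer is left running.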
