How To Secure Boot On Vanguard

People are currently reading this guide.

Unleash the Full Power of Valorant: A Comprehensive Guide to Enabling Secure Boot for Vanguard

Hey there, fellow Valorant agents! Are you encountering frustrating error messages like VAN9001 or VAN9003 when trying to dive into your favorite tactical shooter? Chances are, Riot Games' formidable anti-cheat system, Vanguard, is demanding that you enable Secure Boot and TPM 2.0 on your system. Don't let these technical terms intimidate you! This lengthy, step-by-step guide will walk you through the entire process, ensuring you can get back to clutching those rounds in no time.

Why Secure Boot Matters for Vanguard (and You!)

Before we jump into the technicalities, let's briefly understand why Vanguard requires Secure Boot and TPM 2.0. Think of Secure Boot as a digital bouncer at the club (your PC). It ensures that only trusted software, digitally signed by a reputable authority, can load during your system's startup. This prevents malicious software (malware, rootkits, and especially cheats) from injecting themselves into your system at a fundamental level, compromising its integrity.

TPM 2.0 (Trusted Platform Module) acts as a secure cryptographic processor, working hand-in-hand with Secure Boot to further establish a "trusted" environment for your PC. By mandating these features, Riot Games significantly raises the bar for cheaters, making it much harder for them to bypass Vanguard's defenses and ruin the game for legitimate players. So, while it might seem like an extra hoop to jump through, it's ultimately for the betterment of the entire Valorant community!


Step 1: Are You Ready? Checking Your Current System Status

Before we start tinkering, let's verify if Secure Boot and TPM 2.0 are already enabled or if your system even supports them. This initial check will save you a lot of time and effort!

1.1: Checking Secure Boot State

  • Press Windows Key + R to open the Run dialog box.

  • Type msinfo32 and press Enter. This will open the System Information window.

  • In the left-hand panel, ensure "System Summary" is selected.

  • On the right side, look for two crucial entries:

    • BIOS Mode: This should say UEFI. If it says "Legacy" or "CSM," don't worry, we'll address this in a later step.

    • Secure Boot State: This should say On. If it says "Off" or "Unsupported," then you've found the culprit, and we need to enable it.

1.2: Verifying TPM 2.0 Status

  • Press Windows Key + R again to open the Run dialog box.

  • Type tpm.msc and press Enter. This will open the Trusted Platform Module (TPM) Management console.

  • In the "Status" section, you want to see the message: "The TPM is ready for use."

  • Below that, under "TPM Manufacturer Information," check the Specification Version. It must be 2.0 for Valorant to function correctly.

If you see "Compatible TPM cannot be found" or a specification version lower than 2.0, your system's TPM might be disabled in the BIOS, or your hardware might not support TPM 2.0. We'll cover enabling it in the BIOS if it's supported.


Step 2: Entering the BIOS/UEFI - The Gateway to Secure Boot

This is where things can get a little tricky, as BIOS interfaces vary significantly between motherboard manufacturers. However, the core principles remain the same.

2.1: Restarting Your PC and Accessing BIOS

  • Save all your open work and close all applications. We're about to restart your computer.

  • Restart your PC. As soon as your computer begins to restart (often when you see the manufacturer's logo, like Dell, HP, ASUS, MSI, Gigabyte, etc.), you need to rapidly press a specific key to enter the BIOS/UEFI setup.

  • Common BIOS Keys:

    • Del (Delete): Very common for many motherboards.

    • F2: Another very common key.

    • F10

    • F12

    • Esc

    • If you're unsure, consult your motherboard's manual or do a quick online search for "your motherboard model + BIOS key." You might need to try a few times to get the timing right.

2.2: Navigating the BIOS Interface

  • Once in the BIOS, you'll typically navigate using your keyboard's arrow keys. Your mouse may not work here.

  • BIOS interfaces often have tabs like:

    • Boot

    • Security

    • Advanced

    • Settings

    • Exit

  • Look for options related to Boot Mode, Secure Boot, and TPM or Trusted Computing.


Step 3: Converting to UEFI Mode (If Necessary)

If Step 1.1 showed your BIOS Mode as "Legacy" or "CSM," you'll need to convert your operating system drive from MBR (Master Boot Record) to GPT (GUID Partition Table) and then set your BIOS to UEFI mode. This is a critical step, and backing up your data beforehand is highly recommended! While Windows offers a tool to convert without data loss, unforeseen issues can occur.

3.1: Checking Your Disk Partition Style

  • While still in Windows (if you exited BIOS), Press Windows Key + X and select Disk Management.

  • Right-click on your OS drive (usually C:) and select Properties.

  • Go to the Volumes tab.

  • Look for "Partition style." If it says Master Boot Record (MBR), you need to convert it. If it says GUID Partition Table (GPT), you can skip to Step 3.3.

3.2: Converting MBR to GPT (Data-Safe Method)

  • Open Command Prompt as an Administrator. (Search for "cmd" in the Start Menu, right-click, and select "Run as administrator").

  • Type the following command and press Enter:

    mbr2gpt /validate /allowFullOS
    
    • This command will validate if your disk is ready for conversion. If it says "Validation completed successfully," you can proceed. If not, you might have issues that need to be resolved (e.g., too many primary partitions).

  • If validation passes, type the following command and press Enter:

    mbr2gpt /convert /allowFullOS
    
    • This will convert your disk to GPT. It might take a few moments.

  • Restart your PC and immediately re-enter the BIOS (as in Step 2.1).

3.3: Setting BIOS Mode to UEFI

  • Once back in the BIOS, navigate to the Boot or Boot Configuration tab.

  • Look for an option called "Boot Mode," "BIOS Mode," or similar.

  • Change the setting from "Legacy" or "CSM" to UEFI.

  • Save your changes and Exit BIOS (usually F10). Your computer will restart.


Step 4: Enabling Secure Boot in BIOS

Now that your system is in UEFI mode (if it wasn't already), we can proceed with enabling Secure Boot.

4.1: Locating the Secure Boot Option

  • Restart your PC and enter the BIOS again (as in Step 2.1).

  • Navigate to the Boot or Security tab. The exact location can vary:

    • ASUS: Look under Boot > Secure Boot.

    • Dell: Look under Boot Configuration > Boot Sequence > Set to UEFI then look for Secure Boot.

    • HP: Look under System Configuration > Boot Options tab.

    • MSI: Often under Settings > Security > Secure Boot.

    • Gigabyte: Usually under BIOS Features > Secure Boot.

4.2: Enabling Secure Boot

  • Once you find the Secure Boot option, set it to Enabled.

  • You might also see an option related to "OS Type" or "Windows 8.1/10 WHQL Support." If so, ensure it's set to "Windows UEFI Mode" or "Enabled." This setting is crucial for Secure Boot to function correctly with Windows.

  • Sometimes, after enabling Secure Boot, you might need to enroll secure boot keys. Look for an option like "Key Management," "Restore Factory Keys," or "Install Default Secure Boot Keys." Select this option to ensure the default keys are loaded.


Step 5: Enabling TPM 2.0 in BIOS

This step is equally important for Vanguard, especially if Step 1.2 indicated that TPM was not ready or was a lower version.

5.1: Finding the TPM Setting

  • While still in the BIOS, navigate to the Security or Advanced tab.

  • Look for an option related to TPM, Trusted Computing, Intel Platform Trust Technology (IPTT) (for Intel CPUs), or AMD fTPM switch (for AMD CPUs).

  • The naming can be different across manufacturers:

    • ASUS: Often under Advanced > PCH-FW Configuration > TPM Device Selection or Trusted Computing.

    • MSI: Often under Settings > Security > Trusted Computing.

    • Gigabyte: Usually under Settings > Miscellaneous > Intel Platform Trust Technology or AMD fTPM Switch.

5.2: Activating TPM 2.0

  • Set the TPM option to Enabled.

  • Ensure that if there's a specific version selection, it's set to TPM 2.0.

  • If you find an option like "Security Device Support," enable that as well.


Step 6: Saving Changes and Restarting

  • After making all the necessary changes in your BIOS (UEFI Mode, Secure Boot Enabled, TPM 2.0 Enabled), you need to save your changes and exit.

  • Look for an "Exit" tab or an option like "Save & Exit Setup" (often mapped to the F10 key).

  • Confirm that you want to save the configuration changes when prompted.

  • Your computer will then restart.


Step 7: Verifying the Changes in Windows

Once your PC reboots, it's time to confirm that Secure Boot and TPM 2.0 are now active in Windows.

  • Repeat Step 1.1 (Checking Secure Boot State) and Step 1.2 (Verifying TPM 2.0 Status).

  • This time, you should see:

    • BIOS Mode: UEFI

    • Secure Boot State: On

    • TPM Status: "The TPM is ready for use." and Specification Version: 2.0

If all these checks pass, congratulations! You have successfully enabled Secure Boot and TPM 2.0 for Valorant.


Step 8: Launching Valorant and Enjoying the Game!

Now that your system meets Vanguard's requirements, launch Valorant. You should no longer encounter the VAN9001 or VAN9003 errors. Dive into the action and enjoy a more secure and cheat-free gaming experience!


Troubleshooting and Important Notes:

  • BIOS Updates: If you cannot find the Secure Boot or TPM options, or if they are greyed out, your BIOS might be outdated. Visit your motherboard manufacturer's website to download and install the latest BIOS firmware. Proceed with caution when updating BIOS, as an improper update can brick your motherboard.

  • Older Hardware: Some very old motherboards and CPUs may genuinely not support TPM 2.0. In such rare cases, you might be limited to playing Valorant on Windows 10 (which does not have the same strict TPM 2.0 requirement for Valorant) or consider a hardware upgrade.

  • Custom Secure Boot Configurations: If you've previously tinkered with custom Secure Boot keys, you might need to reset them to factory defaults within the BIOS.

  • Running as Administrator/Compatibility Mode: In very rare cases, if you still encounter issues after enabling Secure Boot and TPM, try running Valorant or the Riot Client as an administrator. Right-click on the shortcut, select "Properties," go to the "Compatibility" tab, and check "Run this program as an administrator." You can also try setting it to run in "Compatibility mode for Windows 8."


10 Related FAQ Questions

Here are some frequently asked questions about Secure Boot and Vanguard:

How to check if my PC supports TPM 2.0?

You can check by pressing Windows Key + R, typing tpm.msc, and checking the "Status" and "Specification Version" in the opened window. It should say "The TPM is ready for use" and "Specification Version: 2.0".

How to convert MBR to GPT without losing data?

Use the mbr2gpt /convert /allowFullOS command in an administrative Command Prompt after running mbr2gpt /validate /allowFullOS to ensure compatibility. Always back up your data first.

How to update my BIOS firmware?

Visit your motherboard manufacturer's official website, find your specific motherboard model, download the latest BIOS update, and follow their provided instructions carefully.

How to enter BIOS on different PC brands?

Common keys are Del, F2, F10, F12, or Esc. The exact key depends on your motherboard manufacturer (e.g., ASUS, MSI, Dell, HP, Gigabyte). Check your manual or search online for your specific model.

How to fix VAN9001 or VAN9003 errors in Valorant?

These errors typically indicate that Secure Boot and/or TPM 2.0 are not enabled. Follow the steps in this guide to enable both in your BIOS/UEFI settings.

How to enable Intel PTT or AMD fTPM?

These are the Intel and AMD equivalents of TPM. You'll find these options in your BIOS under Security or Advanced settings, often labeled "Intel Platform Trust Technology (IPTT)" or "AMD fTPM switch." Enable them.

How to set my BIOS to UEFI mode?

In your BIOS settings, navigate to the "Boot" or "Boot Configuration" section and change the "Boot Mode" or "BIOS Mode" option from "Legacy" or "CSM" to "UEFI."

How to reset Secure Boot keys in BIOS?

Within the Secure Boot settings in your BIOS, look for an option like "Key Management," "Restore Factory Keys," or "Install Default Secure Boot Keys." Selecting this will re-establish the default cryptographic keys.

How to run Valorant as an administrator?

Right-click on the Valorant shortcut, select "Properties," go to the "Compatibility" tab, and check the box for "Run this program as an administrator." Click "Apply" and "OK."

How to play Valorant if my hardware doesn't support TPM 2.0?

If your hardware truly doesn't support TPM 2.0, playing Valorant on Windows 11 might not be possible. You might consider downgrading to Windows 10 (which has less stringent TPM requirements for Valorant) or upgrading your hardware.

7007240502112042628

You have our undying gratitude for your visit!