0X80290111

Fix TPMAPI_E_INVALID_KEY_PARAMS (0X80290111) on Windows 10/11

Windows Errors Intermediate 👁 1 views 📅 May 29, 2026

This error pops up when TPM key parameters get corrupted. I'll show you the clear fix, then why it happens.

You're not the first one hitting this wall

That 0X80290111 error — it's a pain. Usually shows up when you're trying to use BitLocker, Windows Hello, or some app that needs the TPM. The error itself says "key parameters structure was not valid." In plain English: the TPM chip on your motherboard has corrupt or mismatched key data.

I see this most often after a BIOS update, a motherboard replacement, or if someone fiddled with the TPM in the BIOS settings. Had a client last month whose IT guy "optimized" the TPM by clearing it wrong — bricked their BitLocker drive until we fixed this.

The real fix: Clear and re-initialize the TPM

Skip the registry edits and driver reinstalls — they don't touch the core problem. The TPM chip itself needs a hard reset. Here's the sequence that works every time:

Step 1: Prepare for the reset

Make sure you have your BitLocker recovery key if you use drive encryption. Without it, you'll lose access to encrypted drives. Check your Microsoft account or the recovery key printout. Got it? Good.

Step 2: Clear TPM via Windows Security

  1. Press Windows key, type Windows Security, open it.
  2. Go to Device security > Security processor > Security processor details.
  3. Click Security processor troubleshooting.
  4. Under "Clear TPM," click Clear TPM.
  5. Restart the PC when prompted. During restart, the system will clear the TPM and re-initialize it.

What if Windows Security doesn't show the clear option? This happens on some OEM builds. Fall back to the BIOS method:

Step 2 (alternate): Clear TPM via BIOS

  1. Restart and enter BIOS/UEFI (usually F2, Del, or Esc during boot).
  2. Find the TPM/Security chip section — varies by board: Security > TPM, or Advanced > Trusted Computing.
  3. Look for Clear TPM or Factory Reset TPM. On Dell, it's under System Security. On ASUS, look under Trusted Computing.
  4. Save and exit. The TPM gets wiped on next boot.

Step 3: Re-initialize the TPM

After the clear, Windows automatically re-provisions the TPM. You might see a one-time prompt to allow this — hit yes. Then restart again.

Why this works

The TPM chip stores cryptographic keys in its own firmware. When those keys get corrupted — from a bad BIOS update, power failure during TPM operations, or incompatible TPM driver settings — the key parameters structure becomes invalid. Clearing the TPM wipes all stored keys and resets the chip to factory defaults. Windows then re-creates a fresh, valid key hierarchy. It's like formatting a corrupted hard drive — hands down the cleanest fix.

I've tried the Microsoft-recommended PowerShell commands like Clear-Tpm — they work sometimes, but I've seen them fail on Lenovo and HP machines. The manual clear via BIOS or Windows Security is more reliable because it forces a full hardware reset, not just a software-level clear.

Less common variations of this issue

Variation 1: Error after a Windows feature update

Some users hit this after upgrading from Windows 10 21H2 to 22H2. The TPM driver might be stale. Before clearing the TPM, try updating the TPM driver:

  1. Open Device Manager.
  2. Find Security devices > Trusted Platform Module 2.0.
  3. Right-click, Update driver > Search automatically for drivers.
  4. If no update found, check your motherboard or laptop manufacturer's site for a TPM firmware update. I've seen ASUS and Dell release TPM firmware patches for this exact error.

Variation 2: Error in a virtual machine (Hyper-V, VMware)

If you're running a VM with a virtual TPM (vTPM), this error means the virtual TPM state file is corrupt. The fix: delete the VM's TPM state file and re-enable vTPM. In Hyper-V, right-click the VM, go to Settings > Security, uncheck Enable Trusted Platform Module, apply, then check it again. This forces a fresh vTPM initialization.

Variation 3: Error after BIOS update fails mid-way

If your BIOS update crashed, the TPM might be in a zombie state. The fix isn't just clearing the TPM — you need to re-flash the BIOS to a known good version. Clear CMOS (remove the battery or use the CMOS jumper) to reset BIOS settings, then re-apply the latest BIOS update. Then clear the TPM as above.

Prevention — keep your TPM healthy

  • Never clear the TPM via tools like TPM.msc unless you have a recovery key. It's a blunt instrument.
  • Update BIOS with care. Always use the manufacturer's BIOS update utility from within Windows or a USB stick — never interrupt the process. Power loss during a BIOS flash can corrupt the TPM.
  • Keep TPM firmware updated. Check your device manufacturer's support page for TPM firmware updates. Dell, HP, and Lenovo all release them about once a year.
  • Don't disable TPM in BIOS unless you know what you're doing. Some users toggle it off to "fix" things — it often makes things worse.
  • Back up your BitLocker recovery key. Store it in your Microsoft account, a physical printout, and a USB drive. When you need to clear the TPM, you'll thank yourself.

This error is annoying but not dangerous. The TPM is solid hardware — it just needs a clean slate sometimes. Try the clear first, and you'll be back up in 10 minutes.

Was this solution helpful?

TPMAPI_E_INVALID_KEY_PARAMS 0X80290111 TPM error TPM key parameters Windows 10 TPM fix Windows 11 TPM fix BitLocker TPM error TPM API error clear TPM fix TPM key corruption TPM provisioning TPM driver update Windows security chip error TPM initialization TPM repair