0X80280005

Fix TPM_E_CLEAR_DISABLED (0X80280005) – Clear Disabled Flag

Windows Errors Intermediate 👁 1 views 📅 May 28, 2026

TPM says it can't be cleared because the clear disable flag is set. You'll need physical access to the motherboard or a BIOS tweak to fix this.

You're trying to clear your TPM in Windows and it throws back error 0X80280005: the clear disable flag is set, and all clear operations now require physical access. This isn't a bug — it's a security feature. The TPM is designed so that a remote attacker can't wipe it from software alone. You need to physically press something or prove you're at the machine.

I've seen this most often when someone tries to clear the TPM after a motherboard swap or a BitLocker recovery gone sideways. Last month a client bought a used Dell OptiPlex, wanted to reset it for their small biz, and hit this wall. All the TPM clear buttons in Windows were greyed out.

The fix isn't a driver update or a registry hack. It's somewhere between your BIOS and your thumb. Here's the breakdown by cause.

1. Physical Presence Required – The Most Common Cause

This is the exact scenario the error describes. The TPM has a physical presence flag that forces you to be at the machine. It's usually set by default on newer systems (Windows 10/11, TPM 2.0). No software running on the OS can override this. You need to interact with the hardware at boot time.

How to fix it:

  1. Shut down the machine completely. Not a restart, a full shutdown.
  2. Power it on and enter the BIOS/UEFI settings. This is usually F2, Del, or F10 depending on the manufacturer.
  3. Look for a section called Security or Trusted Computing. On Dell systems it's under Security > TPM 2.0 Security. On HP it's Security > TPM Embedded Security. On Lenovo ThinkPads it's Security > Security Chip.
  4. Find an option that says Clear TPM, Reset TPM, or Change TPM State. It'll ask you to confirm with a key press (like Y or Enter) to prove you're physically there.
  5. After clearing, save changes (F10 usually) and reboot. Windows will then reinitialize the TPM.

If the BIOS option doesn't exist, you might need to use the manufacturer's tool. For example, HP has a HP TPM Configuration Utility that runs in the BIOS setup, and Lenovo has a ThinkPad TPM tool. But 90% of the time, you'll find it in the Security menu.

2. BIOS Setting Locking the Clear Flag

Some BIOS implementations let you disable the clear operation entirely. This is rare but I've seen it on older HP ProDesks and some Asus boards. There's a setting called TPM Clear Disable or Clear TPM Without Physical Presence. If it's set to Enabled or Disabled incorrectly, that flag gets stuck.

What to do:

  1. Enter the BIOS again (same key as above).
  2. Navigate to the TPM section. Look for something like TPM Clear Disable Support, Clear TPM State, or Allow Clear Without Physical Presence.
  3. Set it to Disabled or Enabled depending on what you see. If there's an option to allow clear without physical presence, enable that temporarily.
  4. Save and exit. Now try clearing the TPM from Windows (Start Menu -> Type "TPM" -> Manage TPM -> Clear TPM, then follow the prompts).

I had an Asus Prime Z390-A board where the BIOS had a checkbox "Clear TPM" under Advanced > Trusted Computing. It was greyed out because the "Physical Presence" option was set to "Disabled". Toggling that to "Enabled" fixed it instantly.

3. BitLocker or TPM Ownership Conflict

Sometimes the TPM thinks it still belongs to a previous OS or BitLocker key. If you're trying to clear it while BitLocker is active (or partially active), the OS won't let you because it's protecting the drive. This isn't the same as the physical presence flag, but it can produce the same error code if you're using a management tool like tpm.msc or PowerShell.

How to tell if this is your problem:

  • You see the error when running Clear-Tpm -Force in PowerShell, but the BIOS options look normal.
  • BitLocker is enabled or partially enabled (check in Control Panel > BitLocker Drive Encryption).
  • You recently decrypted a drive but didn't finish the process.

Fix this way:

  1. Suspend or decrypt any BitLocker drives first. Open an elevated Command Prompt and run: 
    manage-bde -protectors -disable C:

    Replace C: with your system drive. This suspends protection without decrypting the whole drive.

  2. Then go to Manage TPM (Start > TPM) and click Clear TPM. If it fails, reboot and try again.
  3. If you're still stuck, you can clear the TPM from the recovery environment: boot from Windows installation media, open Command Prompt with Shift+F10, and run: 
    tpm.msc

    Not available there? Use PowerShell: 

    Clear-Tpm -Force

    This bypasses some OS-level checks but still needs physical presence.

One time a client had a failed Windows update that left the TPM in a weird state. Their BitLocker was off in Windows but the TPM still held a key. A full BIOS clear (via the physical presence method) fixed it, then I re-enabled BitLocker afterwards.

Quick Reference Summary

Cause Symptom Fix
Physical presence required Error appears on any clear attempt Clear TPM from BIOS with a key press
BIOS setting locking clear flag Greyed out options in BIOS Enable or disable the clear flag setting
BitLocker/TPM ownership conflict Error only when using Windows tools Suspend BitLocker, then clear TPM

Bottom line: you can't software-fix this if the physical presence flag is set. You have to get into the BIOS and press the button. And if you're buying a used machine, always clear the TPM before you install anything — saves you this headache later.

Was this solution helpful?

TPM_E_CLEAR_DISABLED 0X80280005 TPM clear disabled flag fix TPM error 0X80280005 Windows TPM error clear TPM physically BIOS TPM settings TPM ownership BitLocker TPM fix Dell TPM error HP TPM error Lenovo TPM error TPM clear require physical presence