0X80280055

TPM_E_DAA_STAGE (0X80280055) Fix: DAA Process mismatch

Windows Errors Intermediate 👁 1 views 📅 May 28, 2026

TPM error saying the DAA stage you're in doesn't match what the chip expects. Usually happens with BitLocker or TPM provisioning after a firmware update.

Quick answer

Clear the TPM from Windows Security, then re-provision BitLocker. That resets the DAA state and fixes the mismatch.

What does TPM_E_DAA_STAGE actually mean?

You'll see error code 0x80280055 when Windows tries to run a Direct Anonymous Attestation (DAA) command on the TPM chip, but the chip's internal process counter doesn't match what the driver expects. Think of it like walking into a store on page 12 of a manual when the cashier expects you on page 8. The chip says "I'm not in that part of the protocol yet."

This usually pops up after a firmware update on the motherboard or TPM firmware update rolled out by the manufacturer. I see it most often on Dell OptiPlex and Lenovo ThinkCentre desktops after a BIOS update reset the TPM state. It also happens when you re-enable BitLocker after a Clear TPM operation without fully provisioning the TPM again.

The error shows in Event Viewer under System logs, source TPM, event ID 14 or 15. You might also see it in the command line when running tpm.msc or during BitLocker setup.

How to fix TPM_E_DAA_STAGE

You have two reliable paths. Path A works for most people. Path B is for when you can't boot into Windows properly.

Path A: Clear TPM from Windows (easiest)

  1. Press Windows key + I to open Settings. Go to Update & Security (Windows 10) or Privacy & Security (Windows 11).
  2. Click Windows Security, then Device security.
  3. Under Security processor, click Security processor details.
  4. Click Security processor troubleshooting.
  5. Click the Clear TPM button. This will turn off BitLocker and you'll need your recovery key to unlock the drive after reboot. Make sure you have that key saved — either in your Microsoft account or a USB drive. Without it, you're locked out.
  6. Restart the PC. Windows will prompt you to confirm the TPM clear during POST. Press F12 (or whatever key your motherboard shows) to confirm.
  7. After booting into Windows, open tpm.msc (press Win+R, type tpm.msc). You should see status "The TPM is ready for use".
  8. If you use BitLocker, go to Control Panel > BitLocker Drive Encryption and click Turn on BitLocker again. It will re-provision the TPM from scratch, fixing the DAA state.

After step 7, the DAA process counter resets to zero. The next BitLocker provisioning sets it correctly.

Path B: Clear TPM from UEFI/BIOS

If you can't boot into Windows (maybe BitLocker recovery fails or you get the error on a boot screen), use this method.

  1. Reboot the PC and mash the key to enter BIOS/UEFI setup — usually F2 on Dell, F1 on Lenovo, Del on desktop boards.
  2. Look for a section named Security or Trusted Computing.
  3. Find the option to Clear TPM or Reset TPM. It might say "Clear TPM" or "TPM State" and you change it to Disabled, save, reboot, then go back and Enable it.
  4. Save changes and exit. The PC will reboot. On some systems, you get a prompt like "Press F12 to confirm TPM clear" — do that.
  5. Boot into Windows. If BitLocker asks for recovery key, type it in.
  6. Once inside, open tpm.msc to verify the TPM is ready. Then re-enable BitLocker.

What if clearing TPM doesn't work?

Rare, but sometimes the TPM firmware itself is corrupted. In that case, you need a firmware update from your PC manufacturer. Go to their support site, enter your model, and look for a TPM firmware update under BIOS/Drivers. For Dell, that's usually named "TPM 2.0 Firmware Update" or similar. Install it, then repeat Path A.

Another edge case: if you have a self-built PC with a discrete TPM module (like an Asus TPM 2.0 module), try reseating it — power off, unplug, remove the module, wait 30 seconds, plug it back in firmly. The DAA state can glitch if the connector is loose.

How to prevent TPM_E_DAA_STAGE in the future

Don't ever toggle TPM off and on in BIOS without first suspending BitLocker. Go to Control Panel > BitLocker Drive Encryption, click Suspend protection (not disable, just suspend), then you can safely change TPM settings. After the change, resume protection. That keeps the DAA state consistent.

Also, when you apply a BIOS update, always suspend BitLocker first. Most modern BIOS updates respect TPM state, but I've seen plenty that don't. It takes two clicks and saves you a headache.

One last thing: if you're in a corporate environment with Active Directory and Group Policy locking TPM settings, you'll need an admin to push a policy that allows TPM clear. Don't try to bypass it — you'll just waste time.

Was this solution helpful?

TPM_E_DAA_STAGE 0X80280055 TPM error fix BitLocker TPM error DAA process mismatch TPM provisioning failed Windows TPM error TPM chip reset clear TPM firmware update TPM error BitLocker recovery key TPM driver fix Windows 10 TPM error Windows 11 TPM error