Local Security Authority Protection is Off? How to Enable in Windows 11

If the Local Security Authority is off on your Windows 11 PC then in this article, we tree ways to enable it. The Local Security Authority (LSA) is a crucial function of the Windows security subsystem, responsible for verifying password changes and login attempts, creating access tokens for single sign-in sessions, and performing other Windows authentication and authorization-related tasks during the sign-in process on a local computer.

By enabling the Local Security Authority protection, you can have more control over cleartext password vulnerability and password dumping attacks. Protecting the Local Security Authority subsystem is one of the prime things you can do to safeguard your system and accounts from cybercriminals.

Attention Windows Users!!

Facing issues on your Windows PC every now and then? We would recommend you use the Restoro PC Repair tool.

It is a one-stop solution to repair common computer errors, protect your Windows PC from data loss, malware, hardware failure, Registry issues, BSOD errors, etc. and optimize your PC for maximum performance in just three simple steps:

  • Download Restoro Tool that comes with Patented Technologies (see patents here).
  • Install and click on Start Scan to find the issues on your Windows PC.
  • Finally, click on Repair All to fix the issues.

4,533,876 users have downloaded Restoro till now.

How to Enable Local Security Authority in Windows 11

To enable Local Security Authority (LSA) Protection in Windows 11, there are three different ways. We will discuss each of them in detail below.

1. Enable Local Security Authority Protection using Windows Security

Windows Security is a built-in tool in Windows 11 that constantly monitors the system for viruses, malware, and other security threats. You can use it to manage security features on your Windows 11 device, including the Local Security Authority protection.

Follow the steps below to enable Local Security Authority Protection using Windows Security:

1. Search for Windows Security and open the same from the search results.

open windows security

2. Click on Device Security from the left pane and select the Core isolation details link located under the Core isolation section from the right side.

3. Toggle on the switch for the Local Security Authority protection option.

4. Click on the Yes button in the User Account Control prompt that appears.

5. Finally, reboot your PC to apply the changes.

2. Enable Local Security Authority Protection using Registry Editor

You can also enable Local Security Authority protection using Windows Registry Editor. However, make sure to back up your registry or create a system restore point before making any changes to your system through the Registry Editor.

To enable Local Security Authority Protection using Registry Editor, follow these steps:

1. Open the Run dialog by pressing Win + R, enter regedit in the text field, and hit Enter.

023 regedit in the run dialog box

2. The Windows Registry will open up. Here, navigate to the following tree path:


3. In the right panel, double-click on the RunAsPPL registry value.

4. Change the Value data to 1 and click on OK.

5. Finally, restart your PC to apply the changes.

3. Enable Local Security Authority Protection using Local Group Policy Editor

The Local Group Policy Editor comes bundled with Windows Pro and Enterprise editions. Home users can also access this valuable tool using the Policy Plus freeware. Again, before making any Windows Policy changes, it is crucial to create a system restore point.

Here’s how you can enable the Local Security Authority protection using the Local Group Policy editor:

1. Open the Run dialogue box (Win + R), type gpedit.msc, and hit Enter.

014 gpedit dialog box

2. In the Group Policy editor that opens up, navigate to the following path:

Computer Configuration\Administrative Templates\System\Local Security Authority

3. In the right panel, double-click on the ‘Configure LSASS to run as a protected process‘ policy.

4. In the policy settings window, set the radio button to the Enabled option.

5. Under the Options section, select the Enabled with UEFI Lock option from the drop-down menu of the Configure LSA to run as a protected process option.

With this setting, LSA will run as a protected process, and the configuration will be UEFI Locked, which means it cannot be disabled remotely. If you don’t want this restriction, you can select Enabled without UEFI Lock in the dropdown.

6. Click on the OK button and restart your PC.

In conclusion, enabling Local Security Authority (LSA) protection is an essential step towards securing your Windows 11 device and accounts from potential cyber threats.

By following any of the three methods discussed in this post, you can easily enable LSA protection and gain more control over your system’s security. Whether you choose to use the Windows Security app, Registry Editor, or Local Group Policy Editor, it’s crucial to make sure that you take the necessary precautions, such as backing up your system, before making any changes.

By implementing these security measures, you can safeguard your data and protect your privacy from cybercriminals.

Also Read:

Rate this post
Posted by
Bhanu Pratap

Hi! I am Bhanu Pratap, co-founder of Yorker Media Group. A die-heart fan of tech and keeps track of every little happening of the same. When not writing, I usually keep myself busy on YouTube making and exploring new and awesome tech content.

Leave a Reply

Your email address will not be published. Required fields are marked *