Local Security Authority protection is turned off: how to enable it

One of the most important Windows processes for authenticating user identities is Local Security Authority (LSA) protection.

Some users turn off LSA due to high CPU, but PCs are exposed to multiple threats. As requested by some readers, we've provided a way to enable it.

Why turn off local security agency protection?

For some reason, LSA protection may eventually be disabled and ultimately rendered inaccessible to cybercriminals. Here are some reasons to turn off Local Security Authority protection:

• Bad Windows Updates – Corrupted Windows updates are one of the major issues that can disable this feature.
• Secure Boot Off – If Secure Boot is disabled, all Secure Boot and UEFI related configurations will be reset. In turn, turning off Secure Boot disables local security authority protection.
• Windows policy has disabled LSA – The LSA protection policy may have been disabled from the configuration. Adjusting the computer configuration in the Local Group Policy Editor (gpedit.msc) can help turn it back on.

Now that you know some of the factors that lead to disabling Local Security Authority protection, check out the solutions provided below to turn it back on.

What should I do if local security is turned off?

Before continuing to explore any of the advanced steps provided in this article, be sure to do some preliminary checks to resolve the issue faster:

• Make sure you are logged in as an administrator so that you can Enable additional protection for local security authorities in Windows 11.
• Check your Windows Security app to enable LSA protection.
• Make sure CPU virtualization is turned on.

After confirming that none of the above checks can permanently solve the problem, you can use any of the following advanced solutions.

1. Use the Windows Security Center application

1. Press the Start menu,Type "Windows Security Center" in the search box, and then press the key. WindowsEnter
2. From the left pane, select Device Security. Under the "Core Isolation" section, select the "Core Isolation Details" option.
3. Enable the toggle switch under the "Local Security Authority Protection" section.
4. Then, click "Yes" on the UAC prompt that appears.
5. Restart your computer to apply changes.

Windows 11 Secure Edition is one way to protect your system from cybercriminals. If that doesn't work for you, here's another viable option.

2. Use the Registry Editor

1. Press the key to open the "Run" dialog box. Type Registry Editor in the dialog box and press . WindowsREnter
2. #In the Registry Editor, navigate to the following path: <strong>Computer\HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Control\Lsa</strong>
3. Then, double-click RunAsPPL in the right pane. Change the value data to 1 (or 2, as some users claim this worked for them) and press . Enter
4. #Restart your computer to apply the changes.

Before using Registry Editor, make sure to back up your registry files or create a restore point to be safe if it falls apart.

3. Through the Local Group Policy Editor

1. press the key to open the "Run" dialog box, type gpedit.msc, and then press . WindowsREnter
2. In the Local Group Policy Editor window, navigate to the following path: <strong>Computer Configuration\Administrative Templates\System\Local Security Authority</strong>
3. In the right pane of the window, right-click Configure LSASS to run as a protected process.
4. Next, click Enable.
5. Under Options, select Enable using UEFI Lockdown, then click Apply and OK to save the changes.
6. Restart the device.

The Local Group Policy Editor is another option to enable Local Security Authority protection. It is also important to create a system restore point before making any Windows policy changes.

Some users also claim that signature verification may also be the reason why LSA protection is turned off. Therefore, if the LSA is not signed as expected, you can browse this guide for further assistance.

The above is the detailed content of Local Security Authority protection is turned off: how to enable it. For more information, please follow other related articles on the PHP Chinese website!