How to Enable Local Security Authority (LSA) Protection in Windows 11
Reading Time: 2 minutesKeep your Windows 11 PC safe with Local Security Authority protection.
Local Security Authority (LSA) protection is an important Windows process that verifies a user’s identity. It manages necessary system credentials like passwords and tokens related to Microsoft accounts and Azure.
You must enable the Local Security Authority protection if you want to protect your credentials from attackers. In this article, we’ll go through three different ways by which you can enable Local Security Authority protection on your computer.
How to Enable Local Security Authority Protection Using Windows Security
Windows Security is your one-stop security center to protect your personal data and network settings. You can use it to scan systems for viruses, protect accounts, manage device performance, and control apps and browsers.
Windows Security is also one of the places to enable the Local Security Authority protection feature. Here’s how to do it:
- Press the Win key to open the Start Menu.
- In the search bar, type Windows Security and press Enter.
- Choose Device security from the left panel.
- Select the Core isolation details option under the Core isolation section.
- Enable the toggle under the Local Security Authority protection section.
- Click Yes to the UAC that pops up.
You’ll have to restart your computer to see the changes.
Check out our quick Windows Security guide for Windows 11 for more tricks you can use to secure your PC.
How to Enable Local Security Authority Protection Using the Registry Editor
The next way you can enable the Local Security Authority protection is by editing the registry. But make sure to back up the registry before getting into the below process, as any wrong edit can crash your system.
- Open the Run dialog box by pressing the Win + R hotkeys.
- In the Run dialog box, type regedit and click OK.
- Navigate to the following location:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- Click on the Lsa key in the left panel.
- Right-click on the RunAsPPL value in the right pane.
- Choose Edit from the context menu.
- Type 1 in the value data and click OK.
Enable Local Security Authority Protection Using the Local Group Policy Editor
The Local Group Policy Editor is a Windows utility using which you can manage group policy settings of your computer. You can use it to enable the Local Security Authority protection as well. Here’s how:
- In the Run dialog box, type gpedit.msc and click OK.
- Click on the Administrative Templates folder under the Local Computer Policy section.
- Select System and then open the Local Security Authority folder.
- Right-click on the Configure LSASS to run as a protected process policy and choose Edit.
- In the edit window that crops up, choose the Enabled option.
- Click the drop-down icon under the Configure LSA to run as a protected process and choose Enabled with UEFI Lock.
- Click Apply > OK to save the settings.
Restart your computer to see the changes.
Keep Your Credentials Protected
Nowadays, attackers have tools using which they can easily steal your credentials. To tackle this, Windows offers additional protection that stops login attempts from unknown identities. You can enable this protection by following either of the above methods.
Reference: https://www.makeuseof.com/windows-11-enable-local-security-authority-protection/