🏠 » Help

How to enable Local Security Authority Protection in Windows 11 for enhanced security

Help
Reading 5 min Views 21
Contents
  1. The Essential Guide to Enabling LSA Protection on Windows 11
  2. What is LSA Protection and Why is it Important?
  3. Enabling LSA Protection in Windows Security
  4. Using Policy Editor to Enable LSA Protection
  5. Enabling LSA Protection with the Registry Editor
  6. Before Editing the Registry
  7. Troubleshooting: Why Do I Still Get Warnings?
  8. Keep Your Device Secure
  9. References

article tailored to outrank the provided excerpt in SEO:

The Essential Guide to Enabling LSA Protection on Windows 11

Over the last few months, many Windows 11 users like us have encountered concerning security warnings that Local Security Authority (LSA) Protection has been turned off on their PCs. While unsettling, we want to assure you that in most cases this warning message is caused by a known bug in Windows 11 and enabling LSA Protection is rather straightforward.

In this comprehensive tutorial, we’ll walk through what LSA Protection is, why it’s so important for security, how to enable it using different methods, and answer some common questions Windows 11 users have about this critical protection feature. Let’s get started!

What is LSA Protection and Why is it Important?

LSA Protection is a key security feature in Windows 11 that prevents unauthorized access to sensitive login credentials and authentication processes on your device. It does this by blocking memory dumping and untrusted code injection into the LSA (Local Security Authority) system process in Windows.

Without LSA Protection enabled, malicious programs could potentially intercept your login info, install compromised drivers, or otherwise infiltrate the LSA process. This leaves your system vulnerable to credential theft and other security breaches.

So in short, keeping LSA Protection on provides an essential layer of security that protects your login credentials and blocks potentially harmful actions on your PC.

Enabling LSA Protection in Windows Security

The easiest way to turn on LSA Protection is via the Windows Security app:

  1. Open the Start Menu and search for "Windows Security" – launch the app.

  2. Click on "Device security" in the left pane.

  3. Scroll down and click on "Core isolation details."

  4. Toggle "Local Security Authority Protection" to On.

This enables the LSA protection feature across Windows. However, due to a bug in recent Windows 11 versions, you may still get warnings that LSA Protection is off even after toggling it on here. But rest assured, as long as you’ve flipped the switch to On in Windows Security, the protection is active behind the scenes.

Using Policy Editor to Enable LSA Protection

The Group Policy Editor provides another way to enable LSA Protection:

  1. Press Win+R to open the Run dialog box.

  2. Type "gpedit.msc" and hit Enter.

  3. Navigate to Computer Configuration > Administrative Templates > System > LSA.

  4. Open "Turn on Local Security Authority Protection" and set to Enabled.

  5. Click Apply and OK.

This enables the protection via Group Policy. However, you may still see warnings that it’s disabled – ignore these, as policy overrides other settings.

Enabling LSA Protection with the Registry Editor

You can also turn on LSA Protection through a simple Registry tweak:

  1. Open the Run dialog with Win+R and type "regedit."

  2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

  3. Right click the pane on the right and create a new DWORD value named "LsaCfgFlags."

  4. Double click the new value and set it to 1.

  5. Click OK and close Registry Editor.

This will enable LSA Protection via the registry. But again, warnings may still appear temporarily due to the Windows 11 bug.

Before Editing the Registry

Note: We recommend backing up the registry or creating a system restore point before making manual changes to the registry editor. This provides a rollback point in case any issues arise.

Troubleshooting: Why Do I Still Get Warnings?

If you’ve enabled LSA Protection using any of the above methods, but still see warnings that it’s disabled, don’t panic. As mentioned, this is caused by a known bug in Windows 11. Microsoft is working on a permanent fix, but in the meantime you can safely dismiss the warning messages. LSA Protection is running if you’ve toggled it on.

Some users have reported that creating a new DWORD value called "RunAsPPL" and setting it to 2 in the registry may help suppress the false warning messages. Give that a try if you want to squelch the notifications.

Keep Your Device Secure

In closing, enabling LSA Protection is an easy but important step every Windows 11 user should take to keep their device secure against credential theft and malicious actions. We walk through the main methods to activate this protection above. While you may still see warnings for now, you can rest assured LSA Protection is indeed active if you’ve followed these steps.

We hope this guide gives you confidence to dismiss those worrisome warning popups. Please let us know in the comments if you have any other questions as you secure your Windows 11 PC!

References

  1. https://www.systweak.com/blogs/fix-local-security-authority-protection-off/
  2. https://www.thewindowsclub.com/how-to-enable-local-security-authority-lsa-protection-in-windows

WindoQ