How to enable Local Security Authority (LSA) protection in Windows 11
You must enable Local Security Authority protection if you want to protect your credentials from attackers. In this article, we will go through 3 different ways to enable Local Security Authority protection on your computer.
How to enable Local Security Authority protection with Windows Security
Windows Security is a comprehensive security hub for protecting your personal data and network settings. You can use it to scan for system viruses, protect accounts, manage device performance, and control apps and browsers.
Windows Security is also one of the places to enable Local Security Authority protection. Here's how to do it:
1. Press the Win key to open the Start menu.
2. In the search bar, type Windows Security and press Enter.
3. Select Device security from the left panel.
4. Select the Core isolation details option in the Core isolation section.
5. Tap the toggle switch in the Local Security Authority protection section .
6. Click Yes to make UAC pop up.
You will have to restart your computer to see the changes.
How to enable Local Security Authority protection with Registry Editor
The next way you can enable Local Security Authority protection is to edit the registry. But make sure to back up the registry before doing the procedure below, as any wrong edits can damage your system.
1. Open the Run dialog box by pressing the hotkey Win + R .
2. In the Run dialog box , type regedit and click OK.
3. Navigate to the following location:
ComputerHKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
4. Click the Lsa key in the left panel.
5. Right click on the RunAsPPL value on the right.
6. Select Edit from the context menu.
7. Enter 1 in the value data and click OK.
Enable Local Security Authority protection with Local Group Policy Editor
Local Group Policy Editor is a Windows utility with which you can manage group policy settings on your computer. You can also use it to enable Local Security Authority protection. Here's how to do it:
1. In the Run dialog box , type gpedit.msc and click OK.
2. Click the Administrative Templates folder in the Local Computer Policy section .
3. Select System and then open the Local Security Authority folder .
4. Right-click the Configure LSASS policy to run as a protected process and select Edit.
5. In the edit window that appears, select the Enabled option.
6. Click the drop-down icon under Configure LSA to run as a protected process and select Enabled with UEFI Lock .
7. Click Apply > OK to save the settings.
Restart your computer to see the changes.
Today, attackers have tools with which they can easily steal your credentials. To work around this, Windows provides additional protection that prevents login attempts from unknown identities. You can enable this protection by following one of the methods above.
Good luck!
You should read it
- How to enable Local User and Group Management in Windows 11 and 10 Home
- What is Domain Authority?
- What is a Certificate Authority? What is CA?
- Steps to open Local Security Policy on Windows 10, Windows 11
- How to enable / disable the Security tab of files and folders on Windows?
- How to enable / disable notifications from Windows Security Center in Windows 10
- How to enable / disable Security and Maintenance notifications in Windows 10
- Secure the internal admin group on the desktop
- Instructions to enable / disable Windows Firewall with Command Prompt
- Steps on how to create a local user account in Windows 10
- How to reset Local Group Policy settings on Windows 10
- 4 tips to open Local Group Policy Editor on Windows 8 / 8.1
Maybe you are interested
iPhone security tips you're missing out on
This list of common passwords shows how little we understand about online security
Download free Windows Server 2025 security guide
5 Misconceptions About Password Security
Should I buy a USB, Bluetooth or NFC security key?
4 Security Steps to Follow When Using Remote Access Applications