From a security standpoint, the Local Security Authority protection is an important process. It helps protect your credentials by preventing unsigned plugins and drivers. It is also crucial for various areas of your operating system as it keeps threat actors away from your computer. It was first introduced in Windows 8.1 and Server 2012 R2. And although it is generally not toggled off, many users have reported seeing the message “Local Security Authority protection is off. Your device may be vulnerable”.
In this post, we will look at ways to fix the issue. But, before that let’s have a look at some of the common reasons why this message might pop up –
- Sometimes it is manually turned off because the process might be heavy on system resources. For instance, you might turn it off in the Task Manager if you find out that it is consuming a lot of system resources.
- Corrupt Windows update as in the case of KB5025239 and KB5025224.
- Tempering with the Local Group Policy Editor may have led to unwanted changes because of which Local Security Authority (LSA) protection is turned off.
Things You Can Do if Local Security Protection Is Off
Sometimes local security authority protection stops working. It can happen after you restart, update, or reboot your device, or because of a bug. These solutions will help you fix it in any situation.
Solution No. 1 – Use Windows Security Application To Turn On Local Security Authority
You can open your Windows Security app and toggle on the Local Security Authority protection by following the easy steps mentioned below –
Step 1 – In the Windows search bar, type Windows Security and click on Open from the right-hand side.
Step 2 – From the left, click on Device Security.
Step 3 – From the right-hand side, click on Core isolation details under Core isolation.
Step 4 – Toggle on the switch under Local Security Authority protection.
Solution No. 2 – Enable LSA With The Help of the Registry Editor
If, for some reason, the above method doesn’t work out, you can enable the Local Security Authority via Registry Editor. However, before you follow the steps and make changes to your computer’s registry. But before that, we urge you to take a backup of your existing registry and it is also advisable to create a restore point as well. This will help prevent any mishaps. Now, let’s get down the steps to enable LSA via the Registry Editor –
Step 1 – Press Windows + R keys to open the Run dialog box. Press Enter
Step 2 – Type regedit in the dialog box and press Enter. Click on Yes when the UAC prompt appears.
Step 3 – When the Registry Editor opens, navigate to the below-mentioned path –
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Step 4 – From the right-hand side, double-click on RunAsPPL. Change the Value data to 1.
Step 5 – Click on OK
Step 6 – Restart your computer.
Solution No. 3 – Enable Local Security Authority Through Local Group Policy Editor
The Local Security Authority protection can also be enabled with the help of the Local Group Policy Editor. To turn on the Local Security Authority protection via the Local Group Policy Editor, follow the steps mentioned below –
Step 1 – Press Windows + R to open the Run dialog box.
Step 2 – Type gpedit.msc in the dialog box and press Enter.
Step 3 – When the Local Group Policy Editor opens, navigate to the below-mentioned path –
Computer Configuration\Administrative Templates\System\Local Security Authority
Step 4 – From the farthest right, locate and double-click Configure LSASS to run as a protected process.
Step 5 – Next, click on the radio button next to Enabled and then click on Apply and OK.
If you have Windows 11 Home Edition, you may not find the Local Group Policy Editor. In that scenario, you can run a batch file as mentioned in this post (jump to solution no. 5 of this post) and you will able to use Local Group Policy Editor on your Windows 11 PC.
Solution No. 4 – Using The Command Prompt
Another way to fix the “Local Security Authority protection off” issue is to use a cCommand Prompt. You can also copy and paste the below-mentioned command in the Administrator Windows PowerShell –
Step 1 – In the Windows search bar, type cmd and click on Run as administrator from the right-hand side.
Step 2 – When the Command Prompt window opens, copy and paste the below-mentioned command –
reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPL /t REG_DWORD /d 2 /f;reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPLBoot /t REG_DWORD /d 2 /f;
Step 3 – Press Enter
Step 4 – Restart your computer.
Writer’s Tip:
While you fix the issue, we advise you to keep your computer protected. For this, you can use a third-party Antivirus Software that can identify and remove malware in real time and stop threat actors from stealing your sensitive information such as login credentials. T9 Antivirus, for instance, is one of the best lightweight Antivirus programs for Windows PC. To know more about it, its features, pricing, and other aspects, you can check out this post.
It’s Easier Than You Think: Fixed Local Security Authority Protection Is Off!
I hope this guide has helped you understand how to fix local security authority protection on your device. This is a critical issue that can affect your device’s security and performance. There are different ways to fix it, depending on the cause and the situation. But if you want a quick and easy solution, I recommend using the Registry Editor method. This method can turn on local security authority protection in just a few steps.
Do let us know if you were finally able to turn on the Local Security Authority protection and are no more seeing the pop-up. For more such content, keep reading WeTheGeek. You can also reach out to us on YouTube, Facebook, Instagram, Pinterest, and Twitter.