The Local Security Authority (LSA) process is a key component of the Windows Security infrastructure. It enables the administration of security policies and authenticates user accounts. While the LSA process is disabled by default in Windows 11, it can be enabled if needed.
You must enable the Local Security Authority protection if you want to protect your credentials from attackers. In this article, we’ll go through three different ways by which you can enable Local Security Authority protection on your computer.
How to enable Local Security Authority Protection using Windows Security
Windows Security is your one-stop security center to protect your personal data and network settings. You can use it to scan systems for viruses, protect accounts, manage device performance, and control apps and browsers.
Windows Security is also one of the places to enable the Local Security Authority protection feature.
- Press the Win key to open the Start Menu.
- In the search bar, type Windows Security and press Enter.
- Choose Device security from the left panel.
- Select the Core isolation details option under the Core isolation section.
- Enable the toggle under the Local Security Authority protection section.
- Click Yes to the UAC that pops up.
You’ll have to restart your computer to see the changes.
Enable Local Security Authority Protection Using Registry Editor
The next way you can enable the Local Security Authority protection is by editing the registry. But make sure to back up the registry before getting into the below process, as any wrong edit can crash your system.
- Open the Run dialog box by pressing the Win + R hotkeys.
- In the Run dialog box, type regedit and click OK.
- Navigate to the following location:
- Click on the Lsa key in the left panel.
- Right-click on the RunAsPPL value in the right pane.
- Choose Edit from the context menu.
- Type 1 in the value data and click OK.
Enable Local Security Authority Protection Using Local Group Policy Editor
The Local Group Policy Editor is a Windows utility using which you can manage group policy settings of your computer. You can use it to enable the Local Security Authority protection as well.
- In the Run dialog box, type gpedit.msc and click OK.
- Click on the Administrative Templates folder under the Local Computer Policy section.
- Select System and then open the Local Security Authority folder.
- Right-click on the Configure LSASS to run as a protected process policy and choose Edit.
- In the edit window that crops up, choose the Enabled option.
- Click the drop-down icon under the Configure LSA to run as a protected process and choose Enabled with UEFI Lock.
- Click Apply > OK to save the settings.