The Local Security Authority protection on your Windows 11 PC is a crucial process that keeps your credentials secure. The idea behind LSA is to ensure that no loopholes in your security allow a third party to intercept your personal information. It is a process that authenticates the genuineness of your credentials before allowing you access to the system.
While the effectiveness of the process is proven, there are times when a user finds the feature toggled off on the system. Sometimes, it is manually turned off because of the heavy nature of the process, while other times, it is toggled off after Windows or system updates.
Turning on manually turned off LSA is easy, provided you know how to do it. On the other hand, if the process is closed by the system and it is done after every update, you may require serious actions to fix the error.
Without this process, your PC may be vulnerable to interception and data theft. Hence, it is important to keep it ON.
But how? Well, that is what we will share with you in this post.
Ensure you read this until the end, as we will explain how to enable Local Security Authority Protection on your PC. You can enable these steps even when the system cannot do so.
Let’s begin!
The Local Security Authority feature keeps your PC protected from code-injecting malware and reduces the chances of credentials being compromised. It is a crucial error that this service is always running and makes sure that the PC is safe. The real problem that appears is that the Windows Defender incorrectly gives a notification that the LSA is not running or has stopped working.
You may be thinking if the notification is incorrect and the service is still running, where is the issue? Well, the fake warnings often catch a user off-guard which leads to them making harmful decisions. These notifications are often a work of phishing attacks meaning as soon as users click on them, the script is injected, failing the purpose of LSA.
Not to mention, the curiosity of a user about “What if the LSA is actually off?” is also a troublesome thought. Hence you should take things into your own hands and try to relaunch the Local Security Authority feature on your PC.
If it is ON it will remain the same, and if it is OFF you will be able to turn it back on. EASY!
If that yellow exclamation mark in your security settings has appeared recently, chances are that the LSA process was affected by the recent turn of events on your PC.
Usually, the user turns off the Local Security Authority protection from the Task Manager as it appears to be a heavy process. However, if it is not manually disabled and is not running, there can be three reasons behind it –
These 3 are the most probable causes of Local Security Authority Protection not running on your Windows PC. As you can realize, all of these require a power user to understand and move ahead to fix.
Check out our easy-to-execute fixes curated, especially for normal users below!
The first and foremost way to enable LSA on your Windows PC is to follow the traditional path and toggle it ON manually via the security application.
Here’s what you need to do –
Step 1 – Open the Start Menu & Search for Security Application in Windows called “Windows Security.”
Step 2 – In Windows Security, you will come across an option that says “Device Security” in the left panel of the screen.
Step 3 – From Device Security, click “Core Isolation details.”
Step 4 – In Core Isolation, you will see the “LSA toggle.” Turn it ON, and you should be good to go.
This is the basic method to enable LSA on your PC. If you cannot find the Local Security Authority Protection on the shared locations, do not worry. There are other ways explained below to turn it on.
Read Also: Minecraft Error – ‘An Existing Connection Was Forcibly Closed by the Remote Host’ Fixed!
The Local Group Policy Editor is another way you can spot the LSA protection settings and enable them. Simply follow the steps given below –
Step 1 – Press Windows+R on your keyboard to open the Run Search.
Step 2 – In the Run Search, use the command “GPEDIT.msc.”
Step 3 – After opening the local group policy editor, navigate to the following path –
Computer Configuration\Administrative Templates\System\Local Security Authority
Step 4 – Following the above path, you can find the configured LSASS to run as a protected process.
Step 5 – Select the option mentioned above and right-click on it. You will find the enable option. Just click on it and restart your PC for changes to take effect.
If the above method does not work, you can use the registry editor to sort your Local Security Authority Protection off situation. Many users say that after editing the RunAsPPL registry entry, their problem was fixed.
However, before you make any changes to the registry, we suggest taking a backup.
To do so, open the Registry Editor > click File > Export. Once the backup is created, follow the instructions below to enable LSA via Windows Registry.
Step 1 – Press Windows + R to open the run search.
Step 2 – In the run search, use the command “regedit.”
Step 3 – This will open the registry editor for you.
Step 4 – In the registry editor, navigate to the following path –
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
and look for the RunAsPPl entry as shown in the below image.
Step 5 – Double-click the RunAsPPL entry and change its Value Data to 2. Click Ok to save the changes.
Note : If you cannot find the RunAsPPL entry, create one by clicking New > select Dword (32-bit) Value. Name the entry as RunAsPPL. Double-click on it, and under the Value Data field, enter 2 and click Ok to save.
Step 6 – Next, click on the empty area, click New > select DWORD (32-bit) Value.
Step 7 – Name the new registry as RunAsPPLBoot and click Ok.
Step 8 – Double click RunAsPPLBoot and change the Value Data to 2 > click Ok to apply changes.
Step 9 – Restart the PC. The Local Security Authority Protection is Off should be fixed.
However, if this does not help, we suggest changing the Value Data of RunAsPPLBoot to 1.
Now restart your PC and check the error must be fixed.
In case this does not work, there are chances that the Windows registry requires optimization. The best way to do that is to use a PC Optimization tool like Advanced System Optimizer. Instead of making unnecessary changes that may worsen the situation, the tool cleans only the invalid registry entries and helps optimize the registry for better performance.
Check out this thorough guide on how and why you should consider optimizing your registries to learn more about it!
Windows offers ways to repair an application if it is not working properly. The same is available for the internal component, Windows Security application. All you need to do is follow the below steps –
Step 1 – Go to the System Settings by pressing the Win+I shortcut.
Step 2 – System from the left pane and then scroll down to find the System Component option.
Step 3—You may find Windows Security in the System Component List. Expand the Advanced Options and click on it.
Step 4—On the Opened Settings page, scroll down to find the Terminate, Reset, and Repair options. Click on the appropriate one, as required.
This will allow you to repair the issue with your security program, making it more effective and helping you resolve Local Security Authority protection off errors.
If the error has appeared recently after installing a particular program on your computer, you should consider uninstalling the same program. Also, the error message may appear after updating a program recently hence you can use the control panel to sort the applications.
Step 1 – Press Win+R to open the run search.
Step 2 – In the run search, use the command appwiz.cpl and hit enter.
Step 3 – On reaching the control panel, you will find uninstall or change a program page on your screen.
Step 4—Click on the Installed On filter, and you will see all the applications sorted by their latest installed date.
Step 5 – Uninstall the last or recently updated application and restart your computer to ensure that the components of the uninstalled applications are removed.
Once the app is removed, you may find that the Local Security Authority Protection Off – Your Device May Be Vulnerable error is no longer on your PC.
After trying all these fixes, you can verify whether the Local Security Authority feature was successfully enabled on your PC by using the Event Viewer application on your Windows 11 PC.
Everything you do is noted in Windows logs. Hence, the enablement of LSA is also recorded. After trying a fix, restart your PC, and after restarting it, go to the start menu to find Event Viewer. Here is a step-by-step guide –
Step 1 – Go to the Start Menu and search for Event Viewer.
Step 2 – In the Event Viewer, check the left pane and click on Windows logs to expand it.
Step 3 – In the Windows Logs, click on System to find all the recent system-related logs.
Step 4 – In the System Logs, look for – wininit process with the following description –
12: LSASS.exe was started as a protected process with level: 4
After you have found the log, it can be confirmed that the LSA service was started. If you want to check first whether the service is enabled or not, you can use the same method and find the winnint process.
The 3 ways mentioned above are your best chances of enabling the Local Security Authority Protection on Windows 11. This is crucial as it keeps your private data confidential and safe from cyber-attacks. However, if they do not help, try uninstalling the latest Windows update, as sometimes it causes the issue. Press Windows + I to open Windows settings > click on Windows Update > scroll down to find Uninstall updates option > look for “KB5023706” update and click “Uninstall.” Restart the PC to apply the change and check the problem should now be fixed.
You can use any of the mentioned ways and enable LSA. Also, to keep the PC optimized and avoid any issues caused due to invalid registry, junk files, duplicates, viruses, etc, give Advanced System Optimizer a try.
That’ll be all for this post. Thanks for reading. Good luck!
Should You Disable Local Security Authority Protection?
No! Disabling the LSA on your Windows PC means leaving the door open for infectious scripts and malware to take over system files and properties. It can be difficult for the PC to protect itself from unwanted interaction, especially if you use the internet regularly on your PC.
Did Microsoft remove LSA protection?
Not yet. The LSA protection is still available on Windows 11. However, there was a bit of confusion when “local security authority protection is off” notifications appeared out of nowhere. To fix it, an update was rolled out where the settings in the KB5007651 Defender update were removed to ensure the confusing alerts would no longer be displayed in the Windows Settings app.
Recommended :
Is Microsoft Edge Running Slow? These Fixes Will Help Speed it up!
ChatGPT Not Working on PC – Here’s What You Can Do!
PDF files are best for maintaining, sharing, and backing up your documents. However, if you…
Many YouTube users love using the autoplay button, which allows YouTube to play one video…
The 0xc0000225 error in Windows is a Boot Configuration Data (BCD) error that usually occurs…
Do you miss your Windows 10 PC like the others who, after upgrading to Windows…
Users can take advantage of special deals for Windows applications Systweak Software, a leading IT…
Teredo is a networking protocol that helps establish a secure connection between a client and…
View Comments
Thanks for this! The only option that worked for me was to create the RunAsPPL/Boot entries. does this turn off the error and my PC is still at risk or does it indeed enable Local Security Authority Protection again?
Many thanks
Dear Daz,
Glad to know that your problem is resolved.
If the value for RunAsPPL is set to 1, Local Security Authority Protection is enabled, and there is nothing to worry about.
However, you can use an antivirus program to add an extra layer of protection.
Thanks and Regards