Jump to content
  • How to enable LSA protection on Windows 11

    alf9872000

    • 624 views
    • 4 minutes
     Share


    • 624 views
    • 4 minutes

    The Local Security Authority is a crucial component of the Windows security system, responsible for verifying a user's identity during the sign-in process on a local computer. It checks password changes and login attempts, generates access tokens for single sign-in sessions, and carries out other authentication and authorization tasks in Windows.

     

    Securing the Local Security Authority subsystem is one of the most important steps you can take to safeguard your system and accounts against cyber threats. By enabling Local Security Authority protection, you will have increased control over potential cleartext password vulnerabilities and password dumping attacks, providing an extra layer of security for your system.This guide will show you how to turn on Local Security Authority (LSA) Protection in Windows 11.

    How to enable LSA protection on Windows 11

    Windows 11 provides support for Local Security Authority protection to help prevent unauthorized access to your system by attackers. In this post, we'll cover three methods for enabling LSA Protection in Windows 11:

     

    • Using the Windows Security app.
    • Using the Windows Registry Editor.
    • Using the Local Group Policy Editor.

     

    It's important to note that you need to have administrator privileges to enable the extra protection for Local Security Authority in Windows 11.

     

    How-to-enable-LSA-protection-on-Windows-

    How to enable LSA using the Windows Security app

    To enable the Local Security Authority protection in Windows 11 using the Windows Security app, follow these steps:

     

    1. Go to the Windows search bar and type 'windows security'.
    2. Select the 'Windows Security' option from the search results.
    3. Expand the left menu in the Windows Security app by clicking on the menu icon.
    4. Click on the 'Device Security' option.
    5. Under the 'Core isolation' section, click on the 'Core isolation details' link.
    6. Turn on the toggle button for the 'Local Security Authority protection' option.
    7. Confirm the change by clicking 'Yes' in the User Account Control prompt that appears.
    8. Finally, restart your PC to apply the changes.

     

    By enabling the Local Security Authority protection, you can protect your device and system resources from attackers who might try to gain unauthorized access to your system by stealing your credentials. The ‘Local Security Authority protection is off, Your device may be vulnerable’ alert in Windows Security is a warning message that your device is at risk, so it's important to fix it by enabling the feature.

    How to enable LSA using the Registry Editor

    You can also enable the Local Security Authority protection through Windows Registry. However, before you make any changes, it's important to back up your registry or create a system restore point to keep your system secure.

     

    Here's how you can do it:

     

    1. Press the Win + R key combination and type 'regedit' in the Run dialogue box.
    2. Hit the Enter key.
    3. Say yes to the User Account Control prompt.
    4. In the Registry Editor, navigate to this path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    5. On the right panel, double-click on RunAsPPL.
    6. Change the value data to 1 and hit OK.
    7. Finally, restart your PC to apply the changes.

     

    How-to-enable-LSA-protection-on-Windows-

    How to enable LSA using the Group Policy Editor

    If you have a Windows Pro or Enterprise edition, you can use the bundled Local Group Policy Editor to enable the Local Security Authority protection. If you have the Home edition, don't worry, you can still access this tool using Policy Plus freeware. Just make sure to create a system restore point before making any changes to your Windows Policy.

     

    Here's how you can enable the Local Security Authority protection with the Local Group Policy Editor:

     

    1. Open the Run dialog box by pressing Win+R and type 'gpedit.msc.'
    2. Press Enter and navigate to Computer Configuration\Administrative Templates\System\Local Security Authority in the Local Group Policy Editor window.
    3. In the right panel, double-click on 'Configure LSASS to run as a protected process' policy.

     

    In the policy settings window, select 'Enabled' and choose either 'Enabled with UEFI Lock' or 'Enabled without UEFI Lock' in the dropdown menu.

     

    1. If you choose 'Enabled with UEFI Lock,' LSA will run as a protected process and the configuration can't be disabled remotely.
    2. Click OK, then Apply.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...