The Local Security Authority (LSA) process is a key component of the Windows Security infrastructure. It enables the administration of security policies and authenticates user accounts. While the LSA process is disabled by default in Windows 11, it can be enabled if needed. This article will guide you on how to enable Windows Local Security Authority (LSA) process.
You may wonder why you need to enable LSA on your Windows PC. Well, apart from managing and maintaining security policies, the Local Security Authority provides a secure environment for the apps and services to run and also manages system credentials like passwords or tokens to prevent unauthorized access.
We have listed three ways to help you enable LSA on your computer. Follow along.
1. Turn On LSA in Windows 11 Using Windows Security Settings
Windows Security holds tools and features that constantly monitor and help protect your Windows PC from viruses, malware, and other security threats. It also includes enabling and changing Windows Local Security Authority (LSA) process. Here’s how to do it.
Step 1: Press the Windows key on your keyboard, type Windows Security, and click Open.
Step 2: From the left pane, go to Device security.
Step 3: Under the Core isolation section, click on ‘Core isolation details.’
Step 4: Toggle on the Local Security Authority protection option.
In the prompt, click Yes.
Finally, reboot your PC for the changes to get applied. And that’s it. You have successfully enabled Local Security Authority (LSA) protection in Windows 11. If you don’t want to do it through Windows Security, you may go with Registry Editor.
2. Activate Local Security Authority Using Registry Editor
Windows Registry Editor binds with the changes you want to make on your Windows PC. This method isn’t as straightforward as the above one, but the steps are relatively simple.
However, as we are using Registry Editor, we strongly recommend you back up the Windows Registry before proceeding with the steps below.
Step 1: Press the Windows key on your keyboard, type Registry Editor, and click Open.
Note: You can also press ‘Windows key + R’ to open the Run dialog box, type regedit.exe, and click OK to open Registry Editor.
In the prompt, select Yes.
Step 2: In the top bar, enter the below-mentioned address.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Note: You can manually navigate to the section too.
Step 3: In the right pane, double-click on RunAsPPL.
Step 4: Type 0 in the Value Data field and press OK.
Finally, reboot the system to implement the changes. And that’s it! The Windows Local Security Authority (LSA) protection will be enabled when the system boots back. If you don’t want to enable LSA from the registry, you can go with the Group Policy editor.
3. Enable LSA Protection Using the Local Group Policy Editor
The Local Policy Editor on Windows holds a lot of settings that have the potential to enhance your Windows experience. It also allows you to enable LSA process in Windows 11.
Note: Group Policy Editor is only available in the Windows 11 Pro and Enterprise versions. If you are using Windows 11 Home Editor, you cannot use this method.
Step 1: Press the Windows keys on your keyboard, type gpedit, and click Open.
Note: You can also press ‘Windows key + R’ to open the Run command box, type gpedit.msc, and click Open.
Step 2: Select Computer Configuration.
Step 3: In the right pane, double-click on Administrative Templates.
Step 4: Select the System option.
Step 5: Under the System option, locate and click on the Local Security Authority folder.
Step 6: Select ‘Configures LSASS to run as a protected process.’
Step 6: In the ‘Configure LSASS to run as a protected process’ window, select the Enabled option.
Step 7: Under ‘LSA to run as a protected process,’ from the drop-down, choose ‘Enabled with UEFI Lock.’
Step 8: Finally, click on Apply and then OK.
There you go. Now, all you need to do is reboot Windows. Once it boots back up, the Windows Local Security Authority (LSA) process will be enabled. If you have any queries, check out the FAQ section below.
FAQs on Windows Local Security Authority Protection
By enabling LSA, you can prevent attacks that attempt to steal sensitive information or manipulate processes that are critical to the Windows operating system. But turning on LSA could cause problems with some programs that need direct access to the LSA subsystem.
LSA stands for ‘Local Security Authority,’ while LSASS, on the other hand, stands for ‘Local Security Authority Subsystem Service.’ Although LSA and LSASS are closely related, they refer to different things. LSA is a security subsystem in Windows that manages security policies and authentication protocols, while LSASS is responsible for authenticating users and enforcing security policies on the system.
Control the Security of Your Windows PC
Whether you are a system administrator or IT professional, it is essential to know how to enable the Local Security Authority process in Windows 11. Now that you have gone through a step-by-step process, you may also want to check out these easy ways to open Local Security Policy in Windows PC.