The Local Security Authority protection on your Windows 11 PC is a crucial process that keeps your credentials secure. The idea behind LSA is to ensure that no loopholes in your security allow a third party to intercept your personal information. It is a process that authenticates the genuineness of your credentials before allowing you access to the system.
While the effectiveness of the process is proven, there are times when a user finds the feature toggled off on the system. Sometimes, it is manually turned off because of the heavy nature of the process, while other times, it is toggled off after Windows or system updates.
Turning on manually turned off LSA is easy, provided you know how to do it. On the other hand, if the process is closed by the system and it is done after every update, you may require serious actions to fix the error.
Without this process, your PC may be vulnerable to interception and data theft. Hence, it is important to keep it ON.
But how? Well, that is what we will share with you in this post.
Ensure you read this until the end, as we will explain how to enable Local Security Authority Protection on your PC. You can enable these steps even when the system cannot do so.
Let’s begin!
Local Security Authority Protection Off Warning on Windows – Why Does it Occur?
If that yellow exclamation mark in your security settings has appeared recently, chances are that the LSA process was affected by the recent turn of events on your PC.
Usually, the user turns off the Local Security Authority protection from the Task Manager as it appears to be a heavy process. However, if it is not manually disabled and is not running, there can be three reasons behind it –
- A corrupt Windows Update was installed on your PC, which caused the LSA to go off.
- The Secure Boot settings have been accidentally reset on Windows. It is the basic security feature that, when disabled, affects other programs, including LSA.
- Due to unnecessary changes in Group Policy Editor, LSA is disabled.
These 3 are the most probable causes of Local Security Authority Protection not running on your Windows PC. As you can realize, all of these require a power user to understand and move ahead to fix.
Check out our easy-to-execute fixes curated, especially for normal users below!
Ways to Resolve Local Security Authority Protection Off on Windows 11
Way #1 – Turn LSA ON Using Windows Security Application
The first and foremost way to enable LSA on your Windows PC is to follow the traditional path and toggle it ON manually via the security application.
Here’s what you need to do –
Step 1 – Open the Start Menu & Search for Security Application in Windows called “Windows Security.”
Step 2 – In Windows Security, you will come across an option that says “Device Security” in the left panel of the screen. 
Step 3 – From Device Security, click “Core Isolation details.”
Step 4 – In Core Isolation, you will see the “LSA toggle.” Turn it ON, and you should be good to go.
This is the basic method to enable LSA on your PC. If you cannot find the Local Security Authority Protection on the shared locations, do not worry. There are other ways explained below to turn it on.
Read Also: Minecraft Error – ‘An Existing Connection Was Forcibly Closed by the Remote Host’ Fixed!
Way #2 – Enable LSA Protection Via Policy Editor on Windows
The Local Group Policy Editor is another way you can spot the LSA protection settings and enable them. Simply follow the steps given below –
Step 1 – Press Windows+R on your keyboard to open the Run Search.
Step 2 – In the Run Search, use the command “GPEDIT.msc.”
Step 3 – After opening the local group policy editor, navigate to the following path –
Computer Configuration\Administrative Templates\System\Local Security Authority
Step 4 – Following the above path, you can find the configured LSASS to run as a protected process.
Step 5 – Select the option mentioned above and right-click on it. You will find the enable option. Just click on it and restart your PC for changes to take effect.
Way #3 – Use Registry Editor to Enable LSA
If the above method does not work, you can use the registry editor to sort your Local Security Authority Protection off situation. Many users say that after editing the RunAsPPL registry entry, their problem was fixed.
However, before you make any changes to the registry, we suggest taking a backup.
To do so, open the Registry Editor > click File > Export. Once the backup is created, follow the instructions below to enable LSA via Windows Registry.
Step 1 – Press Windows + R to open the run search.
Step 2 – In the run search, use the command “regedit.”
Step 3 – This will open the registry editor for you.
Step 4 – In the registry editor, navigate to the following path –
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
and look for the RunAsPPl entry as shown in the below image.
Step 5 – Double-click the RunAsPPL entry and change its Value Data to 2. Click Ok to save the changes.
Note – If you cannot find the RunAsPPL entry, create one by clicking New > select Dword (32-bit) Value. Name the entry as RunAsPPL. Double-click on it, and under the Value Data field, enter 2 and click Ok to save.
Step 6 – Next, click on the empty area, click New > select DWORD (32-bit) Value.
Step 7 – Name the new registry as RunAsPPLBoot and click Ok.
Step 8 – Double click RunAsPPLBoot and change the Value Data to 2 > click Ok to apply changes.
Step 9 – Restart the PC. The Local Security Authority Protection is Off should be fixed.
However, if this does not help, we suggest changing the Value Data of RunAsPPLBoot to 1.
Now restart your PC and check the error must be fixed.
In case this does not work, there are chances that the Windows registry requires optimization. The best way to do that is to use a PC Optimization tool like Advanced System Optimizer. Instead of making unnecessary changes that may worsen the situation, the tool cleans only the invalid registry entries and helps optimize the registry for better performance.
Check out this thorough guide on how and why you should consider optimizing your registries to learn more about it!
Enable LSA Protection Instantly & Fix Your PC’s Security!
The 3 ways mentioned above are your best chances of enabling the Local Security Authority Protection on Windows 11. This is crucial as it keeps your private data confidential and safe from cyber-attacks. However, if they do not help, try uninstalling the latest Windows update, as sometimes it causes the issue. Press Windows + I to open Windows settings > click on Windows Update > scroll down to find Uninstall updates option > look for “KB5023706” update and click “Uninstall.” Restart the PC to apply the change and check the problem should now be fixed.
You can use any of the mentioned ways and enable LSA. Also, to keep the PC optimized and avoid any issues caused due to invalid registry, junk files, duplicates, viruses, etc, give Advanced System Optimizer a try.
That’ll be all for this post. Thanks for reading. Good luck!
Recommended :
Is Microsoft Edge Running Slow? These Fixes Will Help Speed it up!
5 New Creative Things You Can Do With Your Old PC
Thanks for this! The only option that worked for me was to create the RunAsPPL/Boot entries. does this turn off the error and my PC is still at risk or does it indeed enable Local Security Authority Protection again?
Many thanks
Dear Daz,
Glad to know that your problem is resolved.
If the value for RunAsPPL is set to 1, Local Security Authority Protection is enabled, and there is nothing to worry about.
However, you can use an antivirus program to add an extra layer of protection.
Thanks and Regards