3 Ways to Enable Local Security Authority (LSA) Process in Windows 11

The Local Security Authority (LSA) process is a key component of the Windows Security infrastructure. It enables the administration of security policies and authenticates user accounts. While the LSA process is disabled by default in Windows 11, it can be enabled if needed. This article will guide you on how to enable Windows Local Security Authority (LSA) process.

Enable Windows Local Security Authority (LSA) Process

You may wonder why you need to enable LSA on your Windows PC. Well, apart from managing and maintaining security policies, the Local Security Authority provides a secure environment for the apps and services to run and also manages system credentials like passwords or tokens to prevent unauthorized access.

We have listed three ways to help you enable LSA on your computer. Follow along.

1. Turn On LSA in Windows 11 Using Windows Security Settings

Windows Security holds tools and features that constantly monitor and help protect your Windows PC from viruses, malware, and other security threats. It also includes enabling and changing Windows Local Security Authority (LSA) process. Here’s how to do it. 

Step 1: Press the Windows key on your keyboard, type Windows Security, and click Open.

type Windows Security

Step 2: From the left pane, go to Device security.

go to Device security

Step 3: Under the Core isolation section, click on ‘Core isolation details.’

click on ‘Core isolation details.’

Step 4: Toggle on the Local Security Authority protection option.

Toggle on ‘Local Security Authority protection’

In the prompt, click Yes.

Finally, reboot your PC for the changes to get applied. And that’s it. You have successfully enabled Local Security Authority (LSA) protection in Windows 11. If you don’t want to do it through Windows Security, you may go with Registry Editor.

2. Activate Local Security Authority Using Registry Editor

Windows Registry Editor binds with the changes you want to make on your Windows PC. This method isn’t as straightforward as the above one, but the steps are relatively simple. 

However, as we are using Registry Editor, we strongly recommend you back up the Windows Registry before proceeding with the steps below.

Step 1: Press the Windows key on your keyboard, type Registry Editor, and click Open. 

Note: You can also press ‘Windows key + R’ to open the Run dialog box, type regedit.exe, and click OK to open Registry Editor.

type Registry Editor

In the prompt, select Yes. 

Step 2: In the top bar, enter the below-mentioned address. 


Note: You can manually navigate to the section too. 

enter the below-mentioned address

Step 3: In the right pane, double-click on RunAsPPL.

double-click on RunAsPPL.

Step 4: Type 0 in the Value Data field and press OK.

Type 0 in the Value Data field

Finally, reboot the system to implement the changes. And that’s it! The Windows Local Security Authority (LSA) protection will be enabled when the system boots back. If you don’t want to enable LSA from the registry, you can go with the Group Policy editor.

3. Enable LSA Protection Using the Local Group Policy Editor

The Local Policy Editor on Windows holds a lot of settings that have the potential to enhance your Windows experience. It also allows you to enable LSA process in Windows 11. 

Note: Group Policy Editor is only available in the Windows 11 Pro and Enterprise versions. If you are using Windows 11 Home Editor, you cannot use this method.

Step 1: Press the Windows keys on your keyboard, type gpedit, and click Open. 

Note: You can also press ‘Windows key + R’ to open the Run command box, type gpedit.msc, and click Open.

type gpedit

Step 2: Select Computer Configuration.

select Computer Configuration

Step 3: In the right pane, double-click on Administrative Templates.

double-click on Administrative Templates

Step 4: Select the System option. 

Select the System option

Step 5: Under the System option, locate and click on the Local Security Authority folder.

click on the Local Security Authority folder

Step 6: Select ‘Configures LSASS to run as a protected process.’

Select ‘Configure LSASS to run as a protected process.’

Step 6: In the ‘Configure LSASS to run as a protected process’ window, select the Enabled option. 

select the Enabled option. 

Step 7: Under ‘LSA to run as a protected process,’ from the drop-down, choose ‘Enabled with UEFI Lock.’

choose ‘Enabled with UEFI Lock.’

Step 8: Finally, click on Apply and then OK.

click on Apply and then OK.

There you go. Now, all you need to do is reboot Windows. Once it boots back up, the Windows Local Security Authority (LSA) process will be enabled. If you have any queries, check out the FAQ section below.

FAQs on Windows Local Security Authority Protection

1. What is the impact of enabling LSA protection?

By enabling LSA, you can prevent attacks that attempt to steal sensitive information or manipulate processes that are critical to the Windows operating system. But turning on LSA could cause problems with some programs that need direct access to the LSA subsystem.

2. What is the difference between LSA and LSASS?

LSA stands for ‘Local Security Authority,’ while LSASS, on the other hand, stands for ‘Local Security Authority Subsystem Service.’ Although LSA and LSASS are closely related, they refer to different things. LSA is a security subsystem in Windows that manages security policies and authentication protocols, while LSASS is responsible for authenticating users and enforcing security policies on the system.

Control the Security of Your Windows PC

Whether you are a system administrator or IT professional, it is essential to know how to enable the Local Security Authority process in Windows 11. Now that you have gone through a step-by-step process, you may also want to check out these easy ways to open Local Security Policy in Windows PC.

Last updated on 23 February, 2023

The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.