Local Security Authority Protection Is off on Windows 11? 4 Ways! [MiniTool Tips]

By Vera | Follow | Last Updated March 20, 2023

Have you got the error Local Security Authority Protection is off. Your device may be vulnerable in Windows 11 although you enable this feature? Fortunately, you are in the correct place and MiniTool will show you how to easily address this issue in 4 ways.

Local Security Authority Protection Is off Windows 11

Local Security Authority protection is a feature in Windows 11 and 10 that is very important in protecting user credentials since it can block unsigned drivers and plugins from access. Local Security Authority (LSA) protection helps verify users’ logon and password changes and create access tokens related to Microsoft accounts and Azure, etc. To keep the PC safe, it should be enabled.

[6 Ways] How to Open Local Security Policy in Windows 11?

What is Local Security Policy? How to open it in the latest Windows 11? This essay offers six workable and easy solutions.

Read More

However, some users have reported that the LSA feature runs into a problem. Although this feature is enabled (the toggle is on), a warning saying Local Security Authority Protection is off. Your device may be vulnerable appears. Perhaps you are also trapped in the same situation.

You may try to disable it, restart the machine, and then re-enable this feature but you are still notified that Local Security Authority Protection is off under Core isolation in Windows Security.

This issue is widespread. According to reports, this issue happens in Windows 11 KB5007651 update which is a mandatory security update coming with Windows 11 March 2023 Update. In addition to the update problem, some other reasons like corrupted system files, Windows Policy issues, etc. could also lead to the error.

Well then, how could you fix the Local Security Authority protection is off bug? Move to the next part to find several solutions.

How to Fix Windows 11 Local Security Authority Protection Is off

Edit Windows Registry

If you experience Local Security Authority protection not working in Windows 11, try to change the value of RunAsPPL and RunAsPPLBoot in the Windows Registry.

To avoid accidental system issues caused by incorrect changes to Registry, back up registry files first, and here is a related post for you - How to Back up Individual Registry Keys Windows 10/11 .

See how to fix Local Security Authority Protection is off. Your device may be vulnerable by changing Windows Registry in Windows 11:

Step 1: Type regedit into the search box and click Registry Editor to open this app.

Step 2: Navigate to this path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa .

Step 3: Double-click on the RunAsPPL in the right pane and change its Value data to 2 . Do the same for the RunAsPPLBoot item.

If RunAsPPL and RunAsPPLBoot are not listed in the right pane, right-click on the blank area and choose New > DWORD (32-bit) Value to create these two items. Then, set the value to 2 for them.

Step 4: Save the changes by clicking OK . Then, restart your Windows 11 PC to see if the issue is fixed.

Use PowerShell

To fix Local Security Authority protection is off even after restart in Windows 11, you can try to use PowerShell to run some commands.

Step 1: Right-click on the Start icon and choose Windows PowerShell (Admin) .

Step 2: Click Yes if asked by UAC to continue.

Step 3: Copy and paste the following commands one by one to the PowerShell window and press Enter after each command:

reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPL /t REG_DWORD /d 2 /f

reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPLBoot /t REG_DWORD /d 2 /f

Step 4: Then, restart your system to check if your issue is addressed.

Edit Group Policy

In addition, you can try to edit Windows Group Policy to solve Windows 11 Local Security Authority protection is off . Note that only Pro and higher support this way and Home Edition doesn’t have Local Group Policy Editor.

Step 1: Type group policy in the search box and click Edit group policy .

Step 2: Go to Local Computer Policy > Computer Configuration > Administrative Templates > System > Local Security Authority .

Step 3: Locate Configure LSASS to run as a protected process from the right pane, right-click on it and choose Edit .

Step 4: In the new window, click Enabled , choose Enabled with UEFI Lock under Options , and click Apply > OK .

Run SFC and DISM

Some users try to run SFC and DISM to scan the entire Windows system and repair the corruption to fix some system bugs and errors. So, you can also have a try when Windows Security shows Local Security Authority protection is off although you enable this feature.

Step 1: Launch Command Prompt in Windows 11 with admin rights.

Step 2: Run sfc /scannow and press Enter .

Windows 10 SFC /Scannow Stuck at 4/5/30/40/73, etc.? Try 7 Ways!

Windows 10 SFC /scannow stuck at verification is a common issue and if you have this issue, try solutions in this post to easily get rid of the trouble.

Read More

Step 3: After the SFC scan finishes, you can run a DISM scan by these commands:

DISM /Online /Cleanup-Image /CheckHealth

DISM /Online /Cleanup-Image /ScanHealth

DISM /Online /Cleanup-Image /RestoreHealth

Final Words

These are the useful solutions to help you address Local Security Authority protection is off Windows 11 . If you are plagued by this annoying issue, try these fixes by following the given steps.

In addition, Windows Security is not enough to keep your data secure although it offers you real-time protection to prevent viruses or malicious software from attacking your PC. Sometimes your important files may be deleted by undetected threats. So, we recommend that you should create a backup for your crucial data.

To do this work, MiniTool ShadowMaker could be a good Windows 11 backup software . You can run it to back up your data and create a system image to restore lost files or revert the PC to an earlier state in case of a system breakdown.

Free Download

How to Back up Windows 11 (Focuses on Files & System)?

How to back up Windows 11 computer to an external hard drive, USB flash drive, or other devices? See this post that focuses on Windows 11 backup.

Read More

About The Author

Vera Follow us

Position: Columnist

Vera is an editor of the MiniTool Team since 2016 who has more than 5 years’ writing experiences in the field of technical articles. Her articles mainly focus on disk & partition management, PC data recovery, video conversion, as well as PC backup & restore, helping users to solve some errors and issues when using their computers. In her spare times, she likes shopping, playing games and reading some articles.

User Comments :

Post Comment