What is the protection of a Local Security Authority (LSA)?
Local Security Authority (LSA) protection is a Windows process that helps verify users’ identities and manage credentials such as passwords and tokens associated with Microsoft and Azure accounts. This is an important feature that helps protect system data from unauthorized access or modification by malware. LSA protection isolates critical LSA processes in a secure container with low privileges to prevent other processes, including malware, from accessing them.
LSA protection can be found in Windows Security and this is an important feature that you should not disable. However, if you receive the error “Local security authority protection is disabled, your device may be vulnerable” even though LSA protection is enabled, Digital Experience would like to guide you on how to fix it.
To enable LSA protection:
If you see the message “Local security authority protection is disabled, your device may be vulnerable”, one is that LSA protection is not enabled, and the other is an error that Digital Experience will guide you to fix in the section below.
To enable LSA protection, you can choose one of the following methods.
1. Using Windows Security:
Windows Security opens, tap Device Security > Go to Settings on the main interface or from within the menu bar.
Found Protection of the local security authority and run on It doesn’t matter. When prompted by the User Account Control screen, tap Yesyou allow your computer to restart and you’re done.
2. Using the Registry Editor:
You can open the Registry Editor by typing regedit in Windows Search. You are moving to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
Next, find the DWORD named and double-click it RunAsPPL > login Firstly In the Value data box > click Yes. Then let the computer restart.
3. Using the Local Group Policy Editor:
You can open the Local Group Policy Editor by typing gpedit in Windows Search.
You are moving to Computer Configuration \ Administrative Templates \ System \ Local Security Authority > You double click Configure LSASS to run as a protected process in the right frame.
Then you choose maybe And Enabled using UEFI lock > Press Yes same picture. LSA protection will run as a protected process and the UEFI configuration will be locked, which means it cannot be disabled remotely. If you do not want this limitation, you can choose Enabled without UEFI lock in the dropdown list.
Fix “Local Security Authority protection is off, your device may be vulnerable” error that still appears after enabling LSA protection:
Even though LSA protection is enabled, Windows Security still gives an error “Local security authority protection is off, your device may be vulnerable” Then though you can press to reject to forgive.
But to completely solve it, do the following.
Step 1: You can open the Registry Editor by typing regedit in Windows Search.
Step 2: You are moving to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
You click twice RunAsPPL in the right pane and enter 2 In the Value data box > click Yes.
Step 3: in the right part of LsaRight-click > Select New Value > DWORD (32-bit) > You name it RunAsPPLBBoot.
Then you double click RunAsPPLBBoot > Set the value of the value data to 2 > Press Yes. And let the computer restart.