• LSA checks for password changes and login attempts, among other tasks.
  • In addition, it is responsible for verifying the identity of the user during the login process
  • What are the steps to follow to enable the tool on our PC and be calm?

As Microsoft releases new versions of its operating system, they improve in terms of security. In today’s article, We will show you how to activate the protection offered by LSA -Local Security Authority- for user verification within Windows 11 and what does it mean to enable this feature from Redmond.

For those of you who don’t know by now, the Local Security Authority is a key element of the security system within Windows that is responsible for verifying the identity of the user during the login process.

It also checks for password changes and login attempts, generates access tokens for single sign-on sessions, and performs other authentication and authorization tasks in Windows.

What is LSA protection in Windows 11?

Therefore, securing the Local Security Authority subsystem is one of the most important steps we can take to protect the system and accounts against today’s various cyber threats.

By enabling Local Security Authority protection, we gain greater control over potential clear-text password vulnerabilities and access credential dump attacks.

That is, we enjoy an additional layer of security within Windows environments.

YOU CAN ALSO READ:   How to tame animals in Minecraft

How to enable Local Security Authority?

Windows 11 offers support for Local Security Authority protection that prevents unauthorized access to your system by attackers, and there are many ways to activate this system; all simple.

Anyways, keep in mind that you must have Administrator privileges to quickly enable additional Local Security Authority protection in Windows 11, so make sure of it.

Using the Windows Security app

The most direct way to turn on LSA in Windows 11 is to use the Windows Security app..

  • Go to the Windows search bar and type Windows Security
  • Select Windows Security in the search results
  • Expand the menu on the left in this application, and enter Device security
  • Under Core Isolation, click on Core Isolation Details
  • Turn on the Local Security Authority Protection toggle button
  • Confirm the change by clicking Yes on the User Account Control message
  • Restart your PC for the changes to take effect
activate-LSA-windows-11-2-1

By enabling Local Security Authority protection, you will be protecting your computer and system resources from attackers who they might try to gain unauthorized access to your system by stealing your credentials.

The “Local security authority protection is disabled, your device may be vulnerable” alert will warn that things are not going as they should, so be careful to look out for those kinds of specific warnings.

Using the Registry Editor

You can also enable Local Security Authority protection through the Windows Registry. However, Before making any changes, it is important to backup the Registry or create a system restore point to keep your system safe from any kind of incident..

  • Press Win + R keys and type regedit in the Run dialog box
  • Press the Enter key and answer Yes to the User Account Control prompt
  • In the Editor, go to “ComputerHKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa”
  • In the right pane, double click on RunAsPPL
  • Change the value data to 1 and press OK
  • Restart your PC for the changes to take effect
YOU CAN ALSO READ:   How to view basic calculations without formulas in Sheets?

This is just one of the many tricks of the Windows Registry Editor, a very useful tool.

Using the Group Policy Editor

If you have a Windows Pro or Enterprise edition, use the Local Group Policy Editorspecifically included to enable Local Security Authority protection and, as before, previously create a system restore point before making changes to this policy.

  • Press Win + R keys and type gpedit.msc in the Run dialog box
  • Hit Enter and go to Settings under ConfigurationAdministrative TemplatesSystemLocal Security Authority
  • In the right pane, double click Configure LSASS to run as a protected process
  • In the Policy Settings window, tap on Enabled and choose Enabled with UEFI Lock or not
    • Remember, yes, that if you choose Enabled with UEFI Lock, this will be a protected process
  • Click OK and then Apply to finish with the Group Policy Editor

Have you been able to activate LSA in Windows 11 with any of these tricks?

Write A Comment