Fix: ‘Local Security Authority protection is off’ but its on issue
“Local Security Authority Protection is off. Your Device may be vulnerable” is a warning that displays when the UI (User Interface) of Security Settings app is glitched. This happens if the LSA is disabled from the registry key instead of settings app.
As these UI elements check the value of the registry key to detect the change in system configuration, if LSA is disabled through registry but enabled in the settings this warning message will be triggered. This problem started occurring after 22H2 cumulative update KB5023706.
Solution? – Simply Turn it on from Registry
To remove this warning, you need to enable the Local Security Authority from the registry editor, which will fix this issue. The registry editor is a database for Windows, so make sure to create a restore point before making any changes to the registry editor.
To enable the LSA, follow the steps:
- Press the Win + R keys simultaneously.
- Type regedit in the input box and click OK.
Navigating to Registry Editor - Go to the following destination. You can copy and paste the following path in the search box to navigate fast.
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- Right-click the Window, hover New, and select DWORD (32-bit) Value from the listed options.
Creating a registry entry - Name it as RunAsPPLBoot and change its value to 2.
Enabling LSA Protection Boot in the registry editor - Once done, look for another registry key named RunAsPPL. If you already have it, then make sure it is set to 2. If you don’t have it, then right-click the Window, hover New, and select DWORD (32-bit) Value.
- Name it RunAsPPL and change the value data from 0 to 2.
Enabling LSA Protection from the registry editor - Once done, close the registry editor and restart your computer for the changes to take effect.
