If you’re running Windows 11, you’ve probably heard about Secure Boot—one of Microsoft’s system requirements for better security. But here’s the catch: not everyone has it turned on, even if their PC supports it.
So, if you’re scratching your head wondering, “How do I enable Secure Boot in Windows 11?”, you’ve landed in the right place.
This guide will walk you through everything you need to know about Secure Boot—what it is, why it matters, and most importantly, how to turn it on step by step.
What is Secure Boot in Windows 11?
Before we start pressing buttons, let’s get the basics down.
Secure Boot is a security feature built into modern UEFI (Unified Extensible Firmware Interface) firmware. It ensures your PC boots using only software that’s trusted by the PC manufacturer.
In plain English? It prevents malicious software, rootkits, and unauthorized operating systems from loading during startup. Think of it like a bouncer at the club—if your system files don’t have the right pass, they’re not getting in.
Why is Secure Boot Important in Windows 11?
Microsoft made Secure Boot a requirement for Windows 11 installation because it:
-
Protects against malware attacks during startup.
-
Prevents rootkits and bootkits from hijacking your system.
-
Ensures system integrity by only loading signed drivers and OS files.
-
Supports BitLocker encryption for added security.
So if you’re serious about keeping your PC safe, enabling Secure Boot is a no-brainer.
How to Check if Secure Boot is Enabled in Windows 11
Before enabling it, let’s confirm your current Secure Boot state.
Step 1: Open System Information
-
Press Win + R to open the Run dialog.
-
Type
msinfo32and hit Enter.
Step 2: Check Secure Boot Status
-
In the System Information window, look for Secure Boot State.
-
You’ll see one of three results:
-
On – It’s already enabled.
-
Off – It’s disabled but supported.
-
Unsupported – Your PC doesn’t support Secure Boot.
-
👉 If it says On, you’re good to go. If it’s Off, let’s move on.
Requirements for Enabling Secure Boot
Not all systems can turn it on right away. Here’s what you need:
-
UEFI firmware (not Legacy BIOS).
-
64-bit Windows 11 (Secure Boot is not supported on 32-bit).
-
A motherboard that supports Secure Boot.
-
TPM 2.0 (usually paired with Secure Boot for Windows 11).
If your PC is still on Legacy BIOS, you’ll need to switch to UEFI mode.
Method 1: Enable Secure Boot from UEFI/BIOS Settings
This is the most common way. Don’t worry—it sounds scarier than it is.
Step 1: Enter UEFI Firmware Settings
-
Open Settings → System → Recovery.
-
Under Advanced startup, click Restart now.
-
Choose Troubleshoot → Advanced options → UEFI Firmware Settings → Restart.
Alternatively, press your system’s key during boot (usually F2, F10, DEL, or ESC).
Step 2: Navigate to Boot Options
Once inside BIOS/UEFI:
-
Go to Boot, Security, or Authentication tab (varies by manufacturer).
Step 3: Enable Secure Boot
-
Find Secure Boot.
-
Change it to Enabled.
-
Save and exit (usually F10).
After reboot, your PC should now have Secure Boot enabled.
Method 2: Switch from Legacy BIOS to UEFI (If Needed)
Some systems run in Legacy BIOS mode, which blocks Secure Boot.
Step 1: Check Boot Mode
-
Open System Information (
msinfo32). -
Look for BIOS Mode.
-
If it says UEFI, you’re good. If it says Legacy, you need to convert.
Step 2: Convert MBR to GPT
Secure Boot requires GPT partition style.
-
Open Command Prompt (Admin).
-
Type:
-
Restart your PC.
Step 3: Switch to UEFI
-
Enter BIOS settings.
-
Change Boot Mode from Legacy to UEFI.
Now you can enable Secure Boot as explained earlier.
Method 3: Enable Secure Boot on Different Motherboards
Different brands hide Secure Boot in slightly different menus. Here’s a quick breakdown:
For ASUS
-
Go to Boot → Secure Boot.
-
Set OS Type → Windows UEFI Mode.
-
Enable Secure Boot.
For MSI
-
Navigate to Settings → Advanced → Windows OS Configuration.
-
Enable Secure Boot.
For Gigabyte
-
Go to BIOS → Peripherals → Secure Boot.
-
Set to Enabled.
For Dell / HP / Lenovo
-
Check under Security → Secure Boot Configuration.
-
Enable it and save.
Common Problems When Enabling Secure Boot
Problem 1: Secure Boot Unsupported
-
Your motherboard might be too old.
-
Solution: Update BIOS firmware or upgrade hardware.
Problem 2: Can’t Find Secure Boot Option
-
Try updating your BIOS.
-
Some settings appear only in UEFI mode.
Problem 3: Black Screen or Boot Failure
-
Switching from Legacy BIOS to UEFI without converting MBR to GPT can cause boot issues.
-
Fix: Convert disk first, then switch.
How to Verify Secure Boot is Enabled After Restart
-
Open System Information (
msinfo32). -
Check Secure Boot State → On.
That’s your confirmation. 🎉
Should You Always Enable Secure Boot?
For most users—yes. It enhances security without noticeable downsides.
But in some cases, like dual-booting Linux, Secure Boot may cause compatibility issues. You can temporarily disable it if needed.
Alternatives to Secure Boot for Extra Security
If your system doesn’t support Secure Boot, don’t panic. You can still boost security with:
-
BitLocker encryption
-
Windows Defender Credential Guard
-
Virtualization-based security (VBS)
-
Regular BIOS password protection
Conclusion
Enabling Secure Boot in Windows 11 might sound technical, but it’s actually straightforward once you know where to look. Whether your system is already in UEFI mode or still stuck in Legacy BIOS, the steps are manageable.
Think of Secure Boot as an extra lock on your digital front door—it ensures only trusted guests (your OS and drivers) are allowed inside.
So, if your PC supports it, go ahead and turn it on today. It’s one of the simplest ways to keep your system safe from hidden threats.
FAQs
1. What happens if I enable Secure Boot in Windows 11?
It ensures only trusted, signed software loads during startup, improving security.
2. Can I enable Secure Boot without UEFI?
No, Secure Boot only works in UEFI mode, not Legacy BIOS.
3. Will enabling Secure Boot delete my files?
No, it doesn’t affect your personal files—it only changes boot security settings.
4. Why can’t I find the Secure Boot option in BIOS?
Your system may be in Legacy mode or using outdated firmware. Update BIOS and switch to UEFI.
5. Does Secure Boot slow down the system?
Not at all. In fact, it can slightly speed up boot times while improving security.