[Step-by-Step Guide] How to Enable or Disable Secure Boot

What is Secure Boot and How Does It Work?

Secure Boot is a security feature developed by PC manufacturers to allow a computer to boot using only trusted software. It was first introduced with Windows 8 and has been included in all subsequent versions.

The primary purpose of Secure Boot is to protect your computer from various types of malware. During the Secure Boot process, when the system restarts, the firmware checks the signature of each component of the boot software (firmware drivers, operating system, EFI applications, etc.). If the signature is satisfactory, the firmware hands control over to the OS, and the computer boots up.

What happens if I enable/disable Secure Boot?

Since Secure Boot is a protective mechanism, enabling it can prevent all sorts of malware attacks and keep your computer safe. Some malware loads onto your computer the moment you boot it up. These are called rootkits. Rootkits can save passwords, login details, keystrokes, transfer sensitive files, and capture encrypted data. For the sake of data security, optimal speed, and smooth performance, having Secure Boot enabled is crucial.

However, you might need to disable Secure Boot if you want to use an older version of Windows, certain graphics cards, or unlicensed software. Disabling Secure Boot keeps your computer from checking the digital signature of the operating system. This lets you do things like:

Boot Windows from an external hard drive or USB. Dual-boot with Linux or Fedora. Boot into a Windows password recovery tool. Run an older version of Windows.

In short, whether you enable or disable Secure Boot depends on your needs. You should keep it enabled for maximum security. If you want to use fancy third-party apps, you can disable Secure Boot.

How to Enable or Disable Secure Boot on Your Computer

So far, we've explained what Secure Boot is and what happens when you enable or disable it. This section will provide a step-by-step guide on how to enable or disable Secure Boot on your computer.

How to Enable Secure Boot

Before you enable Secure Boot, make sure your system has Windows 8 or later, the latest UEFI, and the necessary firmware options.

Then, follow these steps to enable Secure Boot on your computer:

Step 1. Remove any operating systems, software, and graphics cards that are incompatible with Secure Boot.

Step 2. Enter the PC BIOS menu by holding down the Shift key and selecting Restart. Then, go to Troubleshoot > Advanced options.

Step 3. In the Advanced options menu, select UEFI Firmware Settings.

How to Enable “Secure Boot” in Windows 8

4. Go to the "Secure Boot" setting, and set it to "Enabled". This option is usually located under the "Boot" or "Security" tab.

5. After saving your changes, exit the “Menu”. You can now boot from any media that supports Secure Boot. You can also install a new operating system from here. However, the partition where Windows is installed will be listed as a "GPT Partition" and not an "MBR Partition".

**Step 6** After installing the operating system, you can check if Secure Boot is enabled by typing `msinfo32.exe` and looking for the Secure Boot state. If it says "Enabled," Secure Boot is enabled.

How to Disable Secure Boot

If your computer doesn't allow third-party software, Secure Boot is probably enabled. You can disable it by following these steps.

**Step 1.** Check for any recent updates to the Secure Boot system before disabling it. This will show you the most up-to-date list of software, graphics cards, and other components that are compatible with your computer. This can help you determine if disabling it is really necessary.

**Step 2:** Restart into BIOS setup again. In Windows, hold down the Shift key while selecting "Restart." Go to **Troubleshoot > Advanced options.**

Step 3. From the advanced options, go to UEFI firmware settings.

Step 4. Find the "Secure Boot" option in the available menu and set it to "Disabled". On some systems, this option is located under the "Boot" or "Security" tab.

Step 5: Save the changes and reboot the computer.

Step 6: Install any unlicensed operating system or video card on your computer. If it works, the lockdown has been defeated.

Protect Your Computer Data with Backup Software

Secure Boot is an important security feature that prevents malware from loading when you start up your computer. Most computers support Secure Boot, but in some cases, the settings might cause your computer to appear as if it doesn't support Secure Boot.

To keep the data on your computer safe from malware, you can use professional backup software, such as tools Todo Backup, which provides secure and reliable backup for your data.

Todo Backup Home is a practical backup tool for Windows 11/10/8/7. It allows you to automatically back up your system, disks, partitions, files, and create various types of backups. Additionally, it enables you to create ISO images from your operating system or hard drive. This award-winning software keeps your data safe from all malicious attacks. With this protection, you won't have to worry about data loss during any system startup.

You can follow these steps to create a system backup of your computer.

Step 1. Launch Todo Backup on your computer and click Create backup on the main screen, then hit the big question mark to Select what to backup.

Step 2. To back up the Windows OS, click on "OS" to start the task.

Step 3. The system should automatically select the Windows operating system and all system-related files and partitions, so you don't need to make any manual selections. Next, click on the area highlighted in the screenshot below to choose where you want to save your system image backup.

Step 4. The backup location can be another local drive on your computer, an external hard drive, a network, the cloud, or a NAS. We generally recommend using an external physical drive or the cloud to store your system backup files.

< strong > Step 5. If interested, click on the Options button to customize settings like enabling daily, weekly, monthly or event-triggered automatic backup schedules, and differential and incremental backups. Click "Backup Now" and the Windows system backup process will begin. Completed tasks will be displayed as cards on the left.

Abstract

Secure Boot is an advanced security feature that acts as a firewall against malware, helping to speed up, improve performance, and efficiency of your PC. It's available on Windows 8 and later. However, you might need to disable it if you're running an earlier version of Windows, unauthorized apps, or a graphics card.

This article will guide you through how to enable and disable Secure Boot. Read on to find out how the feature works, and let us know what you think of it.

Frequently Asked Questions (FAQ)

What's wrong with Secure Boot?

Since Secure Boot is only compatible with Windows 8 or later, you can't use it with earlier versions of Windows. It also prevents you from running unauthorized software, which might be necessary for some work. It can also stop your system from accepting certain graphics cards, which can affect professional software and gaming.

2. Is Secure Boot set to UEFI or legacy BIOS mode?

Secure Boot supports only the latest UEFI-native operating systems. Legacy boot is a basic input/output system (BIOS) firmware that does not support Secure Boot.

Third: Does Windows 10 require UEFI Secure Boot?

Microsoft wants PC makers to enable Secure Boot on new systems to earn the official Windows badge and certification, but an upgrade to Windows 10 on older systems does not require UEFI Secure Boot.

4. Is Secure Boot necessary?

No, it's an option. You can enable or disable it as needed. The operating system can function without it.