Key Points
- Resetting all Local Security Policy settings in Windows 11 or 10 can help you fix misconfigurations, remove unauthorized changes, and restore your PC to a secure default state.
- Use the secedit command in an elevated PowerShell or Command Prompt to completely reset all Local Security Policy settings.
- Open secpol.msc or gpedit.msc to manually review individual Account Policies and Local Policies when you don’t need a full reset of all Local Security Policy settings.
- Verify your reset by exporting and comparing configuration files to ensure all Local Security Policy settings match Windows defaults.
- Follow best practices when resetting Local Security Policy settings: back up before making changes, use Microsoft Security Baselines for multi-device management, and keep policies consistent across all systems.
This step-by-step tutorial demonstrates how to completely reset all Local Security Policy settings back to their defaults in Windows 11 and Windows 10. Instructions are provided for using the Local Security Policy console, as well as restoring security policy defaults using PowerShell.
The purpose and impacts of Local Security Policy in Windows, as well as its use cases, are also explained to assist with troubleshooting and to help you better understand the changes you are making to your Windows PC.
💡For a complete visual demonstration of the reset process, you can also watch our video guide: How to Reset All Local Security Policy Settings to Default.
Understanding Windows Local Security Policies
Windows Local Security Policy is the configuration set that defines how the Windows operating system’s security features behave. It covers areas such as authentication, user permissions, auditing, boot security, firewall and network security, as well as many other security settings. Local Security Policy functionality is only available in Pro and Enterprise versions of Windows 11 and Windows 10, and is not available on Home versions of these operating systems.
Local security policies apply only to the individual PC on which they are configured. Security policies can be configured for multiple machines if they are joined to a Windows Active Directory Domain.
Common security-related tasks that can be performed using Local Security Policy include:
- Setting password complexity requirements (like requiring a minimum length and the use of numbers, letters, and special characters).
- Enabling auditing to monitor user actions and processes.
- Managing access to resources or functionality, for example, restricting who can shut down the system.
- Managing firewall settings, including allowing certain apps and ports.
While the Windows Settings app and Control Panel offer some access to this functionality, defining Local Security Policies gives you fine-grained control over the security settings of your Windows PC.
Reasons for resetting Local Security Policies in Windows 11 and Windows 10
Generally, you will reset local security policies to their defaults to troubleshoot system issues or revert a change you’ve made yourself. You may also need to revert changes made by third-party software.
Reverting Windows security policies to their defaults will also ensure that any unauthorized modifications to your security configuration are removed. This provides a baseline for security settings that you can then further enhance by re-introducing the security policies you want to retain.
Prerequisites and considerations
To modify or reset the Local Security Policy to its defaults, you must be logged in as an Administrator.
You should also make sure you take a complete backup of your Windows PC, including your operating system and all data, so that you can restore it in case a mistake is made or an error occurs. It is also worth noting that if your PC is part of a Windows Domain, any security policies defined at the domain level will still apply.
How to reset Local Security Policy to its defaults
There are several methods you can employ to restore default security policy settings in Windows 11 and Windows 10:
Using Command Prompt and PowerShell to reset all local security policies to their defaults
Follow these steps to restore Local Security Policy to its default state using the Command Prompt:
- Open the Windows Command Prompt or PowerShell as an Administrator
- Enter the following command:
secedit /configure /cfg %SystemRoot%\inf\defltbase.inf /db defltbase.sdb /verbose
- Reboot your device to apply the changes and fully restore the default security settings
The secedit command reads the default security policy settings from defltbase.inf and applies them. This covers all settings, including those relating to passwords, firewall settings, auditing, and user permissions.
Using the Local Security Policy console to revert individual changes
The Security Policy Console does not offer a way to reset all settings at once. However, the step-by-step instructions outlined below show you how to reset individual security policies using the Local Security Policy console:
- Right-click on the Start button and click Run
- Type secpol.msc into the Run dialog and press OK to open the Security Policy console
- In the left navigation pane, navigate through the Account Policies and Local Policies and revert any settings that you have modified
- You will need to consult the documentation for each setting to determine its default value, so that you can revert to it.
If you are attempting to return to a ‘clean slate’, it is recommended to use the Command Prompt or PowerShell method detailed above to completely reset all settings, in case you miss something or are unsure of a default value.
Using the Group Policy Editor to reset individual local security policies
As with the Local Security Policy console, the Local Group Policy Editor can be used to reset individual Local Security Policy settings:
- Open the Local Group Policy Editor
- Navigate to the security policies located at Computer Configuration/Administrative Templates/All Settings and User Configuration/Administrative Templates/All Settings
- Restore each setting to its default based on its documentation
- Reboot your PC
Again, this method is not advisable if you wish to reliably restore your security systems to their default state.
How to verify that the Local Security Policy was reset
To confirm the settings have been reset successfully, you can open the template file that contains the default security settings, located at %SystemRoot%\inf\defltbase.inf, and compare its contents with the settings shown in the Security Policy console.
You can also export the current security policies to a text file in the current directory for easier comparison:
secedit /export /cfg ./current_security_policy.inf /quiet
Once you have stored your current Local Security Policy settings and the defaults as .inf files, you can sort the lines in each file by name and then compare the two files to identify their differences. Programming tools like Visual Studio Code make building automated PowerShell workflows, such as this one, much easier.
⚠️ Important: You must be running PowerShell as an administrator for the command to work.
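The comparison described above can be scripted. The following PowerShell is an added example, not part of the original guide: the function names ConvertFrom-SecurityInf and Compare-SecurityInf are hypothetical, and the sample lines are constructed so the script runs without touching the system. It compares settings section by section, so line order in the files does not matter.

```powershell
# Added example: parse secedit-style .inf lines into "Section|Setting" -> value.
function ConvertFrom-SecurityInf {
    param([string[]]$Line)
    $map = @{}; $section = ''
    foreach ($raw in $Line) {
        $text = $raw.Trim()
        if ($text -eq '' -or $text.StartsWith(';')) { continue }   # blank or comment
        if ($text -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        # Split on the first '=' only; a line without '=' keeps an empty value.
        $name, $value = $text -split '\s*=\s*', 2
        $map["$section|$name"] = "$value"
    }
    return $map
}

# Emit one object per setting that differs or exists in only one of the files.
function Compare-SecurityInf {
    param([string[]]$Baseline, [string[]]$Current)
    $base = ConvertFrom-SecurityInf -Line $Baseline
    $cur  = ConvertFrom-SecurityInf -Line $Current
    $keys = @($base.Keys) + @($cur.Keys) | Sort-Object -Unique
    foreach ($key in $keys) {
        if ($base[$key] -eq $cur[$key]) { continue }
        $section, $name = $key -split '\|', 2
        [pscustomobject]@{
            Section  = $section
            Setting  = $name
            Baseline = if ($base.ContainsKey($key)) { $base[$key] } else { '<absent>' }
            Current  = if ($cur.ContainsKey($key))  { $cur[$key] }  else { '<absent>' }
        }
    }
}

# Constructed sample lines (not real defltbase.inf or export content).
$baselineSample = @'
[System Access]
MinimumPasswordLength = 0
[Event Audit]
AuditLogonEvents = 0
'@ -split '\r?\n'
$currentSample = @'
[System Access]
MinimumPasswordLength = 12
[Event Audit]
AuditLogonEvents = 0
[Privilege Rights]
SeShutdownPrivilege = *S-1-5-32-544
'@ -split '\r?\n'
Compare-SecurityInf -Baseline $baselineSample -Current $currentSample | Format-Table -AutoSize
```

To compare real files, pass (Get-Content "$env:SystemRoot\inf\defltbase.inf") as -Baseline and (Get-Content .\current_security_policy.inf) as -Current. PowerShell does not expand the Command Prompt form %SystemRoot%, so use $env:SystemRoot there.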
Best practices for managing Local Security Policies
There are a few best practices you can follow when managing Local Security Policies in Windows 11 and Windows 10 to reduce the chance of making a mistake and ensure that your system has a strong security configuration:
- Read the documentation for each setting so that you understand what it does and the implications of changing it from its default state
- Back up before you make changes to make it easy to roll back (especially if you lock yourself out of something)
- If you share your PC with others, enforce strong password policies to make sure that other users are using strong passwords. This way, you can ensure that your system is harder to compromise
- Enable auditing features to alert you to failed login attempts and configuration changes
- Restrict the privileges of user accounts for inexperienced users
You can also leverage policy templates to copy security policies between computers by exporting the current configuration. To do this, run the secedit /export command shown above, and then restore that file on another system using secedit /configure, and supply the exported file rather than the Windows default defltbase.inf file. Note that you should only import/export from the same version of Windows.
How to manage Windows security policies for multiple devices
Manually exporting and importing Local Security Policy configuration files between Windows devices is an inefficient and error-prone process that ultimately leads to inconsistent and insecure configurations.
NinjaOne offers a comprehensive endpoint management platform for Windows, macOS, Android, iOS, and Linux devices, providing complete oversight of your entire infrastructure, including configuration for Windows 11 and Windows 10 PCs. NinjaOne also alerts you to potential cybersecurity concerns as they happen, allowing you to respond quickly and close off attack vectors by updating your security policies.
