Category How-To, Windows

How to Fix Secure Boot is Greyed Out on Windows 11: 15 Effective Solutions

Author Rashmi Mishra Published on 6 min read

Secure Boot has long been an exceptionally user-friendly feature. What makes it so pivotal is the ability to allow your Windows device to boot only with trusted software by keeping the malicious drivers and unauthorized operating systems at a fair distance. That’s the reason why it becomes a huge headache when this security feature starts malfunctioning. Being greyed out or unresponsive is the sort of issue that often tends to plague it. But bother not! I have jotted down the 15 most effective solutions to fix the Secure Boot greyed out on Windows 11. Read on to…

15 Ways to Fix Secure Boot is Greyed Out on Windows 11 24H2

Contents show

So, what makes the Secure Boot go broke, get greyed out, and refuse to kick in? To be more precise, these are the most common reasons why this issue raises its head –

  • Disabled in BIOS
  • Unsupported hardware
  • Outdated firmware
  • Compatibility issues
  • Secure Boot key missing
  • TPM disabled
  • BIOS mode mismatch
  • Operating system conflict
  • Bootloader configuration
  • Incomplete OS installation

To get rid of the problem, we are going to take on each one of these hurdles meticulously.

1. Check BIOS Mode (UEFI vs. Legacy)

It’s worth pointing out that the “Secure Boot” is only available in UEFI mode, not Legacy mode. Therefore, make sure to check the BIOS mode and ensure that it’s in the right place.

  • Restart your Windows device and enter the BIOS/UEFI settings by pressing the key shown during boot (usually F2, F10, or Delete).
  • Locate the Boot options or Boot Mode setting.
  • Make sure that UEFI is selected and not Legacy or CSM (Compatibility Support Module).
  • Be sure to save the changes and exit BIOS/UEFI. Your PC should boot in UEFI mode.

2. Update BIOS/UEFI

Do note that the older BIOS versions might not be fully compatible with Secure Boot. 

  • Hence, visit your PC manufacturer’s website and find the latest BIOS/UEFI update for your motherboard model.
  • Then, go through the instructions provided by the manufacturer to update your BIOS.
  • After updating, restart your PC and check if Secure Boot is enabled.

3. Disable Fast Boot in BIOS

Be warned that the “Fast Boot” can sometimes interfere with Secure Boot settings. 

  • Enter BIOS/UEFI as described above.
  • Look for a Fast Boot option under Boot or Advanced settings.
  • Now, disable Fast Boot.
  • After that, make sure to save and exit BIOS/UEFI, then check Secure Boot again.

4. Disable Secure Boot in Windows Recovery

Another important thing that I’d like to point out is that the Windows Recovery Mode can reset Secure Boot settings. Thus, turn off the Secure Boot in Windows Recovery.

  • On your PC, dive into the Start menu > Power > select Restart while holding the Shift key to enter Windows Recovery Mode.
Restart Windows 11
  • After that, choose Troubleshoot > Advanced Options > UEFI Firmware Settings.
  • Then, restart and enter the BIOS/UEFI settings.
  • Next, find out if the Secure Boot is available.

5. Clear TPM (Trusted Platform Module)

At times, TPM aka Trusted Platform Module settings could also be at variance with Secure Boot.

  • Press Win + R > type tpm.msc in the field > press Enter to open the TPM Management console.
  • If TPM is active, clear it by selecting Clear TPM under Actions.
  • Reboot your Windows PC and check if Secure Boot is no longer greyed out.

6. Enable Secure Boot from BIOS/UEFI Settings

If you have not yet been able to resolve the issue, activate the Secure Boot from BIOS/UEFI settings.

  • To get it done, first, restart your PC and enter BIOS/UEFI.
  • Locate the Secure Boot option, usually under the Boot or Security tab.
  • Now, you have to change the setting from Disabled to Enabled.
  • Finally, be sure to save and exit BIOS/UEFI.

7. Restore BIOS Settings to Default

Many a time, you can resolve the Secure Boot-related issues by restoring the BIOS settings to the default state. It has long been an effective way to flush out the misconfigured BIOS settings.

  • Enter BIOS/UEFI settings and locate the option to Restore Defaults or Load Optimized Defaults.
  • Next up, be sure to confirm the action and save the changes.
  • Reboot your system and find out if Secure Boot is accessible.

8. Ensure Windows is Installed in UEFI Mode

For Secure Boot to function without any glitches, Windows must be installed in UEFI mode on your PC.

  • Press Win + X > Disk Management > Now, find the EFI System Partition.
  • If the partition shows up, your system is in UEFI mode.
  • However, if it doesn’t appear, you will have to reinstall Windows in UEFI mode.

9. Disable or Uninstall Third-Party Boot Managers

Be warned that the boot managers or dual-boot configurations could be at variance with the Secure Boot. Thus, I’d recommend you disable or completely uninstall the third-party boot managers.

  • Open the Control Panel and navigate to Programs and Features.
  • After that, uninstall any third-party boot manager software and reboot the computer.

10. Check for System Drive Encryption (BitLocker)

Ensure that the BitLocker encryption has not locked the Secure Boot settings on your Windows device.

  • Open the Control Panel on your PC and go to System and Security > BitLocker Drive Encryption.
  • If BitLocker is active, make sure to disable it by clicking Turn off BitLocker.
  • After you have successfully disabled the encryption, figure out if Secure Boot can now be enabled.

11. Enable Legacy Boot Support in BIOS

Certain systems must have legacy boot support in order to get along with Secure Boot. 

  • Enter BIOS/UEFI settings > locate Legacy Boot or CSM option.
  • Be sure to activate this feature if it’s disabled > save the change and reboot the device.

12. Run a System Update

Missing system updates could be severely affecting the Secure Boot.

  • Open Settings > Windows Update > Check for updates and install any available updates > Restart your PC.
update software on Windows computer

13. Remove Custom Security Keys

In some rare cases, custom security keys tend to conflict with the Secure Boot settings, which crop up a number of vexing issues.

  • Enter BIOS/UEFI settings > head over to the Security or Boot section.
  • Up next, you need to remove any custom security keys if present.
  • Now, do not forget to save the changes and restart the device to see if the issue is resolved.

14. Use the Microsoft Secure Boot Troubleshooter

Microsoft offers a highly efficient tool to let you detect and fix Secure Boot issues on Windows 11. So, make full use of the Secure Boot Troubleshooter to nab the bad actor and eliminate it for good.

  • Open the Settings app on your Windows PC > Update & Security > Troubleshoot.
  • Choose Additional Troubleshooters.
  • Run the Secure Boot troubleshooter > run through the on-screen instructions and restart your device.

15. Check for Corrupted System Files

Never overlook the possibility of corrupted system files as they are equally responsible for triggering the Secure Boot issues and preventing them from functioning with the desired efficiency.

  • On your Windows device, launch the Command Prompt as an administrator.
  • Run the following command and then restart your device – 
sfc /scannow
Run SFC scan on Windows 11

Signing off…

There you have it! By following these trusted tips and tricks you can restore Secure Boot functionality and enhance your system’s security. Hopefully, the issue has paved the way for a smooth and reliable experience.

Posted by
Rashmi Mishra

Founder/CEO: Rashmi Mishra is a new-age entrepreneur and a die-hard tech lover. Though Rashmi has a special liking for iPhone, MacBook, and Apple Watch, she loves to take the hottest Android smartphones and Windows laptops for a spin. When she is not reading stories that are breaking the Internet, you will find her either crafting designs or fixing lives for good!

You may also like

17 Ways to Fix Dell PC Shutdown Process Broken After Windows 11 24H2 Update
Category How-To, Windows

17 Ways to Fix Dell PC Shutdown Process Broken After Windows 11 24H2 Update

Published on 4 min read
14 Ways to Fix X Pen Being Detected as a Keyboard on Windows 11 24H2
Category How-To, Windows

14 Ways to Fix X-Pen Being Detected as a Keyboard on Windows 11 24H2

Published on 4 min read

Leave a Reply

Your email address will not be published. Required fields are marked *