Disabling Secure Boot in Windows: Step-by-Step Instructions

Updated on August 22, 2025, by ITarian

how to disable secure boot

If you’ve ever tried installing a dual-boot operating system or unsigned drivers on a modern PC, chances are you’ve encountered Secure Boot. While Secure Boot is a critical feature designed to prevent malware from tampering with the boot process, there are situations where you need to know how to disable Secure Boot.

For IT managers, cybersecurity professionals, and system administrators, disabling Secure Boot is often necessary when deploying Linux distributions, installing specialized software, or troubleshooting hardware compatibility issues. But with security on the line, you need to handle this process carefully.

In this article, we’ll explore:

  • What Secure Boot is and why it exists.

  • Step-by-step instructions on how to disable Secure Boot in BIOS/UEFI.

  • The risks and implications of turning it off.

  • Alternatives and best practices for system security.

  • Frequently asked questions.

By the end, you’ll understand not just how to disable it, but also when and why you should.

What is Secure Boot?

Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that ensures only trusted software, signed by authorized vendors, can run during system startup.

Benefits of Secure Boot:

  • Protects against rootkits and bootkits.

  • Blocks unauthorized firmware and drivers.

  • Ensures the system starts with a trusted OS loader.

When You Might Need to Disable Secure Boot:

  • Installing Linux distributions (Ubuntu, Fedora, etc.).

  • Running unsigned drivers or legacy hardware.

  • Virtualization testing with unsigned hypervisors.

  • Dual-boot setups with Windows and another OS.

For IT leaders and cybersecurity professionals, knowing when to keep it enabled vs. disabled is essential.

Step-by-Step: How to Disable Secure Boot

Disabling Secure Boot involves accessing your system’s BIOS/UEFI firmware settings. The exact steps vary depending on your motherboard and manufacturer, but here’s a general approach:

Step 1: Restart Your Computer and Enter BIOS/UEFI

  • Shut down your PC.

  • Turn it back on and press the BIOS key (often F2, F10, F12, Esc, or Del).

  • If unsure, check your system documentation.

Step 2: Navigate to Security or Boot Settings

  • Look for a tab labeled Security, Boot, or Authentication.

  • The Secure Boot option is typically found under these categories.

Step 3: Locate Secure Boot Option

  • You’ll see an entry labeled Secure Boot.

  • Its status will likely say Enabled.

Step 4: Disable Secure Boot

  • Change the option from Enabled to Disabled.

  • Some BIOS may first require you to set a Supervisor/Admin password.

Step 5: Save and Exit

  • Press F10 (Save & Exit).

  • Your PC will restart with Secure Boot turned off.

Manufacturer-Specific Instructions

Because Secure Boot implementation varies, here are steps for popular vendors:

Dell

  1. Boot into BIOS using F2.

  2. Navigate to Boot > Secure Boot.

  3. Set Secure Boot to Disabled.

HP

  1. Enter BIOS with Esc + F10.

  2. Go to System Configuration > Boot Options.

  3. Disable Secure Boot and confirm changes.

Lenovo

  1. Access BIOS with F1 or F2.

  2. Go to Security > Secure Boot.

  3. Disable and save.

ASUS

  1. Enter BIOS with Del key.

  2. Go to Boot > Secure Boot.

  3. Change to Disabled.

Acer

  1. Press F2 during boot.

  2. Open Boot > Secure Boot.

  3. Disable it.

Risks of Disabling Secure Boot

While learning how to disable Secure Boot is useful, you must also understand the risks:

  • Increased Vulnerability: Rootkits and boot-level malware can load during startup.

  • Compliance Issues: Organizations under HIPAA, GDPR, or ISO 27001 may require Secure Boot enabled.

  • Potential Instability: Installing unsigned drivers or OS files can cause crashes.

That’s why IT managers must balance flexibility with security.

Alternatives to Disabling Secure Boot

Before disabling it, consider these alternatives:

  • Check for signed drivers: Many vendors now sign Linux bootloaders and drivers.

  • Enable Compatibility Mode (CSM) only when necessary.

  • Use Secure Boot keys: Advanced users can add custom keys to authorize non-Microsoft OS loaders.

Secure Boot in Enterprise Environments

For enterprise security leaders:

  • Group Policy Enforcement: Secure Boot can be managed across multiple systems.

  • Endpoint Security Tools: Combine Secure Boot with Endpoint Detection and Response (EDR).

  • Zero Trust Architecture: Disabling Secure Boot may weaken a Zero Trust approach if not monitored.

This is why disabling Secure Boot should be an exception, not the rule.

Troubleshooting Common Issues

1. Secure Boot Option Greyed Out

  • Set a BIOS password.

  • Switch Boot Mode from Legacy to UEFI.

2. System Doesn’t Boot After Disabling

  • Re-enable Secure Boot.

  • Check OS compatibility with legacy boot.

3. Cannot Install OS Without Disabling Secure Boot

  • Ensure installation media supports Secure Boot (Windows 11 does by default).

Best Practices After Disabling Secure Boot

If you must disable it:

  • Use a strong antivirus/EDR solution.

  • Keep OS and firmware up to date.

  • Monitor system for unusual activity.

  • Document changes for compliance audits.

FAQs

1. Is it safe to disable Secure Boot?

It depends. For personal use and specific installs, yes—but enterprises should carefully assess the risk.

2. Do I need Secure Boot for Windows 11?

Yes, Windows 11 requires Secure Boot enabled for installation. However, workarounds exist for unsupported systems.

3. Can I re-enable Secure Boot later?

Yes, you can return to BIOS and enable it anytime.

4. Does Secure Boot slow down performance?

No. It only checks bootloaders during startup and does not impact system performance.

5. Why would Linux need Secure Boot disabled?

Some Linux distributions ship unsigned bootloaders that Secure Boot blocks.

Final Thoughts

Understanding how to disable Secure Boot is essential knowledge for IT professionals and cybersecurity leaders who manage diverse environments. While Secure Boot enhances protection against low-level attacks, there are valid cases—like testing, dual-booting, or driver compatibility—where disabling it is necessary.

The key is to weigh security risks against operational needs. Always complement this action with additional endpoint protections, monitoring, and compliance measures.

Sign up for free with Itarian today to strengthen your IT security strategy and safeguard systems—whether Secure Boot is enabled or not.

See ITarian’s IT Management Platform in Action!
Request Demo

Top Rated IT Management Platform
for MSPs and Businesses

Newsletter Signup

Please give us a star rating based on your experience.

1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5, rated)Loading...
Become More Knowledgeable
how to reopen closed tabs
How to Reopen Closed Tabs: Quick Recovery for Busy Professionals

Have you ever closed an important browser tab by accident? It happens to the best of us. Fortunately...
how to clear cache on chrome
Slow Chrome? Let’s Fix That in Minutes

Ever experienced slow-loading websites, broken page layouts, or login issues? If so, you might need ...
What Operating System is Chromebook
What Operating System is Chromebook? A Deep Dive into Chrome OS for Professionals

Have you ever wondered what operating system is Chromebook and how it fits into the enterprise tech ...
how to turn off a safe mode
Stuck in Safe Mode? Here’s How to Get Out

Has your system unexpectedly booted into a stripped-down version of itself, leaving you with limited...
Which of the Following Are Breach Prevention Best Practices
Which of the Following Are Breach Prevention Best Practices?

What if you could stop a data breach before it ever happens? In today’s threat landscape, proa...
What is the Latest macOS
What is the Latest macOS? A Complete Guide for IT and Cybersecurity Professionals

If you’re asking what is the latest macOS, you’re not alone. As Apple continues to domin...
how to restore tabs in chrome
Lost Important Tabs? Here’s How to Restore Them Quickly

Have you ever accidentally closed your browser and lost critical tabs? It happens to the best of us....
how to change windows 11 startup password
Changing Startup Passwords in Windows 11: Complete Walkthrough

Have you ever wondered how to change Windows 11 startup password for better security or easier login...
how do i rename my iphone
Top Reasons to Rename Your iPhone

Ever wondered how do I rename my iPhone when setting up a new device or organizing multiple devices?...
what does dns stand for
Why Every IT Leader Should Understand DNS

Have you ever wondered how you land on the right website just by typing its name into your browser? ...
Apple Remote Desktop
How to Remote Control a Mac: A Step-by-Step Guide to Apple Remote Desktop

Managing multiple Mac devices doesn’t have to be a hassle. Whether you’re working remotely, trou...
how to check windows version
Why Knowing Your Windows Version Matters

Ever asked yourself, “What version of Windows do I have?” You’re not alone. Whether yo...