Solved: Secure Boot vs. Legacy - HP Support Community

GTifeld · ‎05-02-2026

I have a friend with this PC that is about 5 years old. One day, he turned on the PC and it suddenly wouldn't boot. First, he got an error screen that read "Secure Boot Violation: Invalid signnature detected. Check Secure Boot Policy in Setup." After clicking "OK", we get the screen with "Boot Device Not Found - Please install an operating system on your hard disk. - Hard Disk - (3F0)..." I went into Diagnostics and ran a thorough round of hardware tests which all passed. I then went into the BIOS setup and disabled secure boot and enabled Legacy. After that, the PC booted up normally and seems to be working just fine.

My question is: WHY was it set up that way in the 1st place? Do I need it to be set up for Secure Boot with Legacy diabled for any reason? Thank you in advance. 😊

Paul_Tikkanen · ‎05-05-2026

You're very welcome, Gary.

I would just leave it alone, because if the drive is formatted with the GPT partition table, you should be able to turn on secure boot, and it would not boot in legacy mode with a GPT partition table, so I have no idea what the problem could be.

The only other thing you could do would be to clean install W11 by booting the installation media from the EFI USB flash drive

That would require you back up any files your friend wants to keep, and then you would have to reinstall all programs and files on the new Windows installation.

View solution in original post

Paul_Tikkanen · ‎05-02-2026

Somebody installed Windows in legacy mode by booting the installation media from the legacy USB flash drive instead of the (U)EFI flash drive.

Why it doesn't boot when you disable legacy mode and enable secure boot is because in legacy mode, the drive uses the older MBR partition table instead of the newer GPT partition table and you can't boot in UEFI mode/with secure boot enabled or disabled with a drive formatted with the MBR partition table.

You can watch the video at the link below for how to convert the MBR partition table to GPT so you can disable legacy mode and enable secure boot without having to reinstall Windows.

How To Convert MBR To GPT For Free In Windows 10

GTifeld · ‎05-04-2026

Hi Paul.

Thank you for your response. I will gladly watch the video from the link you supplied, but I guess my real question is this: Do I NEED the PC to run with Secure Boot enabled and Legacy disabled? Are there any advantages/disadvantages with either scenario?

Thank you in advance.

Regards,

--- Gary

Paul_Tikkanen · ‎05-04-2026

You're very welcome, Gary.

It is not necessary to have Secure boot on unless the PC is running W11 and you want to keep it updated with the next build release without having to use a workaround that bypasses the W11 system requirement checks so you can do an in-place upgrade.

The other reason to have the GPT partition table instead of MBR would only be necessary if your friend plans to install a drive greater than 2 TB.

This article explains what Secure boot does when it is enabled:

What is Secure Boot, and should you keep it on?

I used to have all of my PC's running in Legacy mode, but I changed the settings to disable legacy mode/enable secure boot just for the fun of it, and to provide that little extra level of security.

But it is not essential for the PC to run with Secure Boot enabled and Legacy disabled--especially if it is running on W10.

GTifeld · ‎05-05-2026

Hi Paul. Thank you for getting back to me so quickly.

I followed the instructions in the video you provided, but it turns out that the disk was already set up as GPT (The PC in question is runnning Windows 11). I tried changing the boot mode in the BIOS back to "secure" just to see what would happen and, sure enough, the original problem returned. So I set it back to Legacy. Any other suggestions on how I can get it to boot in Secure mode? Or do you think I should just leave it alone? Thank you in advance, as always.

--- Gary

Paul_Tikkanen · ‎05-05-2026

You're very welcome, Gary.

I would just leave it alone, because if the drive is formatted with the GPT partition table, you should be able to turn on secure boot, and it would not boot in legacy mode with a GPT partition table, so I have no idea what the problem could be.

The only other thing you could do would be to clean install W11 by booting the installation media from the EFI USB flash drive

That would require you back up any files your friend wants to keep, and then you would have to reinstall all programs and files on the new Windows installation.

GTifeld · ‎05-05-2026

I was thinking of doing that, but not sure if it's worth the time & effort. I'll probably just leave it as is, then. Thank you once again for your time & assistance. I greatly appreciate it. 😁

Best regards,

--- Gary

Paul_Tikkanen · ‎05-05-2026

Anytime, Gary.

Glad to have been of assistance.

Cheers,

Paul

Secure Boot vs. Legacy

Create an account on the HP Community to personalize your profile and ask a question