Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Do I Boot From a USB Thumb Drive?

It’s harder than it used to be, all in the name of security.

UEFI has made booting from something other than the hard drive more complex. I'll review why, and what steps to take.
Applies to Windows: 11, 10
Thumb Drive Inserted.
Thumb Drive Inserted. (Image: depositphotos.com)
I downloaded a Linux image and put it on a USB thumb drive, and rebooted my machine expecting to boot Linux. To my surprise, it just booted right back into Windows. What gives? How do I get the computer to boot up from the thumb drive?

This is a common problem.

Your computer’s BIOS needs to be instructed to check for a bootable USB device before it tries to load whatever is on the hard drive. Right now, your computer is configured to either ignore USB devices, or check the hard disk first, at boot time.

The problem is that newer machines don’t have a BIOS; they have something called UEFI. And UEFI makes things more complex.

Become a Patron of Ask Leo! and go ad-free!

TL;DR:

Booting from a thumb drive

Look for an option to press a key to select the boot device as your machine reboots. Failing that, look in your UEFI settings for the “boot order”, and make sure that USB is checked for a bootable device before the internal hard disk. Note that it’s possible for these options to be disabled in the name of security.

Old school options

Many machines still support what I’d refer to as the “old school” options of rebooting, and pressing a specific key early in the boot process to make something happen.

For example, on at least one of my machines rebooting and then early in the boot process:

  • Pressing the Del key will cause the machine to enter UEFI setup.
  • Pressing the F12 key will present a list of bootable devices attached to my system, and allow me to choose which one to boot from.

That second option, if present, is ideal. If I want to boot from something other than my hard drive, all I need do is press F12 while the machine reboots, and choose the alternative I want to use.

Unfortunately, these options may not be present, either because your machine’s UEFI doesn’t support them, or because they’ve been turned off for security.

UEFI and Secure Boot

UEFI, an acronym for Unified Extensible Firmware Interface, is a new type of BIOS that includes several enhancements. You’ll often see it referred to as “UEFI BIOS”, or even incorrectly as “BIOS”, because that’s what we’ve become used to.

One of those enhancements is something called “secure boot”.

Secure boot matters because there’s a glaring security hole that’s been present in almost every PC since day one. It’s very simple and very powerful.

  • If you have physical access to a machine,
  • and you can reboot that machine,
  • and you can boot that machine from a USB device,
  • then you can gain complete access to that machine.

Secure Boot, when enabled, prevents this. It prevents changes in the boot order and can restrict booting to only “official” boot images.

Windows versions 8 and later take advantage of UEFI and Secure Boot. That means that if your system has UEFI and Secure Boot turned on, in order to boot from something other than the hard disk, you may need to turn Secure Boot off first.

Turning Secure Boot Off 

Right-click on the Start menu and hold the Shift key down while clicking on Restart.

Restart option in Windows 11
Restart option in Windows 11 (Screenshot: askleo.com)

This will reboot into a “Choose an option” screen:

Choose an option screen.
Choose an option screen. Click for larger image. (Screenshot: askleo.com)

Click on Troubleshoot (not shown) and then on Advanced options.

Advanced Options.
Advanced Options. Click for larger image. (Screenshot: askleo.com)

I can’t tell you what comes next, because it’s different from machine to machine.

You may be able to modify the settings we care about by clicking on Startup Settings, if it’s present as shown in the image above.

If present, UEFI Firmware Settings may do the trick. Click on that to go to the UEFI interface for your computer. The option to disable Secure Boot should be in that interface. You may need to check your computer’s documentation for its specific location.

Changing the boot order

Like BIOS before it, UEFI controls the boot order: which devices the computer tries to boot from and in what order.

Look for the settings to ensure the USB interface (or any CD/DVD drive) is checked before the hard disk. When set in the order, the system will boot from your recovery drive before booting from the internal hard drive.

Unfortunately some poorly designed systems may see the presence of any USB device, bootable or not, as something to try to boot from, and stall at this point. If that happens the only recourse is to disconnect that USB device, or restore the boot order to check the hard disk first.

Do this

This is something that’s worth learning about your computer before you need it in a panic later. As your machine boots look for indications that it has keypress options, and perhaps try using one. Similarly, try the Windows Shift+Restart approach to see what’s available on your machine.

And when in doubt, of course, contact the computer’s manufacturer for more complete instructions specific to your machine.

If you’re not already, why not subscribe to Confident Computing? Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Footnotes & References

Secure Boot Overview – Microsoft Technet

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.