Policy

Allow signature keys valid for Logon

Microsoft Windows

Back to Smart CardBack to main
Allow signature keys valid for Logon
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Windows Components > Smart Card
Supported on
At least Windows Vista

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista

This policy setting lets you allow signature key-based certificates to be enumerated and available for logon. If you enable this policy setting then any certificates available on the smart card with a signature only key will be listed on the logon screen. If you disable or do not configure this policy setting, any available smart card signature key-based certificates will not be listed on the logon screen.

Internal name
AllowSignatureOnlyKeys
Policy ID
e767540710bf
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider
Value name
AllowSignatureOnlyKeys
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider
Value name
AllowSignatureOnlyKeys
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.