How to Enable and Disable Driver Signature Enforcement?
Driver signature enforcement helps protect a system from cybercriminals and malicious activities. How?
Microsoft, the tech giant, introduced driver signature enforcement in Windows OS, including Windows Vista/XP/7/8/8.1/10, to check code integrity before proceeding with the installation.
Generally, it’s good to check the driver’s integrity to ensure it’s coming from a trusted manufacturer and is certified by Microsoft.
Despite all the advantages of driver signature enforcement, there are some specific scenarios where it needs to be disabled.
For instance, some programs’ driver files don’t have digital signature authentication because they don’t pay Microsoft to get a verified certificate.
If you trust one of those unsupported drivers, here are two ways to disable driver signature enforcement. But always remember, the trust factor is crucial!
How to Disable Driver Signature Enforcement?
Method 1. Disable Driver Signature Enforcement in Startup Settings
Before we explain the detailed procedure, here are some important points to remember.
- This method will only temporarily disable driver signature enforcement.
- As soon as you restart the computer, driver signature enforcement will automatically be enabled, and unsigned installed drivers will stop working.
Step 1: On the system’s start menu, click on the “Restart” button.
Step 2: Once the system reboots, click on the “Troubleshoot” option.
Step 3: Choose “Advanced options” in “Troubleshoot”.
Step 4: In “Advanced options,” click on “Startup Settings”.
Step 5: In “Startup Settings,” click on the Restart button.
Step 6: You’ll see a list of options, and to choose “Disable Driver Signature Enforcement,” press “7” or “F7”.
Finally, the system will automatically restart with driver signature enforcement until you restart it.
Method 2. Disable Driver Signature Enforcement using CMD Prompt
This is the quickest and easiest way to disable driver signature enforcement. Here’s how it works!
Step 1: Click on the system’s Start button and type “Command Prompt”. Further, press “Run as administrator”.
Step 2: Execute the following command in the Command Prompt.
bcdedit /set nointegritychecks on
The driver signature enforcement will be turned off! To confirm this, run the “bcdedit” command in the same command prompt window, and if “nointegritychecks” shows “Yes,” then you can install unsigned drivers.
Method 3. Disable Driver Signature Enforcement with Local Group Policy Editor
Step 1. Open the “Run” dialog box in the PC, type “gpedit. msc,” and press Enter to open Local Group Policy Editor (LGPE).
Step 2. In the Local Group Policy Editor (LGPE) window, from the left panel, head to User Configuration > Administrative Templates > System > Driver Installation.
Step 3. Right-click on the code signing for driver packages button and select Edit.
Step 4. Check the Enabled radio button, and in the options menu, click on the dropdown and select Ignore. Finally, click OK to apply the changes accordingly.
If you wish to re-enable driver signature enforcement, head back to step 4 and set the radio button to “Not configured.”
How to Enable Driver Signature Enforcement?
Enable Windows 10 Test Signing Mode
This method is for those who don’t want to permanently disable driver signing. You can put Windows 10 in test mode and install unsigned drivers. Here’s how to do it!
Step 1. In the Search bar, write cmd and right-click Command Prompt to choose Run as administrator.
Step 2. Execute the below command and press Enter.
bcdedit /set testsigning on
Step 3. Close or shut the Command Prompt window and restart the system.
Enable Driver Signature Enforcement
Step 1. Open the Command Prompt according to the steps mentioned above.
Step 2. Execute the following command and press Enter.
cdedit.exe /set nointegritychecks off
Step 3. Restart the system to re-enable driver signature enforcement.
The Bottom Line
Installing unsigned drivers is not recommended because it’s unsuitable for security purposes. Still, if you trust the driver, you can install it using the methods mentioned above.
Microsoft Authenticode Signing
Verify the Integrity of your Software by Adding Authenticode Signature on 32/64 bit Software Binaries using Code Signing Certificate.
Buy Authenticode Code Signing Certificates