Allow signature keys valid for Logon

This policy setting lets you allow signature key-based certificates to be enumerated and available for logon.

If you enable this policy setting then any certificates available on the smart card with a signature only key will be listed on the logon screen.

If you disable or do not configure this policy setting, any available smart card signature key-based certificates will not be listed on the logon screen.

Supported on: At least Windows Vista

Registry PathSOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider
Value NameAllowSignatureOnlyKeys
Enabled Value1
Disabled Value0


Administrative Templates (Computers)

Administrative Templates (Users)