How to Enable or Disable Driver Signature Enforcement in Windows 11

This article describes enabling or disabling the driver signature enforcement feature in Windows 11.

Windows has a driver signature enforcement feature that requires all drivers to be signed by Microsoft before they can be installed and loaded into the kernel.

This feature is there to help prevent malicious and unwanted software from being installed on your machine. Before a code or package can be loaded into the Windows kernel, the publisher’s identity and integrity must be validated.

However, there may be cases where you want to use a particular device driver that isn’t signed or trusted by Microsoft. With driver signature enforcement enabled, you won’t be able to install the device driver.

To install unsigned drivers, you must disable driver signature enforcement, and the steps below show you how to do that.

Turn on or off driver signature enforcement in Windows 11

As described above, Microsoft recommends that all drivers be signed and trusted to protect your Windows device before loading into the Windows kernel.

For older drivers you want to install on your Windows machine, you may have to disable the driver signature enforcement feature in Windows.

Here’s how to enable or disable it.

First, you must suspend or turn off BitLocker. If you have Secure Boot enabled, you must also turn it off before you can disable driver signature enforcement.

Next, restart Windows into Advanced Startup (WinRE).

In Windows 11, click on Start > Settings > System > Recovery. Under Recovery options, select the Advanced startup tile, then click Restart now.

Windows will reboot into its Advanced Startup menu. There, select Troubleshoot.

windows 11 advanced startup boot troubleshoot
Windows 11 advanced startup boot troubleshoot

Next, select Advanced options.

windows 11 advanced startup boot advanced options
Windows 11 advanced startup boot advanced options

On the Advanced options menu, select Startup Settings.

Windows advanced options startup settings
Windows advanced options startup settings

Click the Restart button to restart and change Windows options on the Startup Settings menu.

Windows startup settings menu
Windows startup settings menu

Once Windows restarts, click the number 7 or F7 function key on your keyboard to select the drive signature enforcement option on the list.

Windows disable signature enforcement option
Windows disable the signature enforcement option

After selecting the option above, Windows will boot normally with the driver signature enforcement feature disabled, allowing you to install unsigned drivers on the computer.

To reenable, follow the steps above and select the number 7 or F7 function key on your keyboard.

Enable or Disable Driver Signature Enforcement via the Command Prompt

Alternatively, you can use the comment prompt to enable or disable driver signature enforcement feature in Windows 11.

You must also suspend or turn off BitLocker and disable Secure Boot.

After that, open the Windows Terminal app as administrator, and open the Command Prompt tab.

Once the Terminal app opens, run the commands below to turn off driver signature enforcement.

bcdedit /set nointegritychecks off

To turn it back on, run the commands below:

bcdedit /set nointegritychecks on

Then, restart your computer for the changes to apply.

Conclusion:

This post showed you how to enable or disable driver signature enforcement feature in Windows 11. If you find any errors above or have something to add, please use the comment form below.