User authentication is a key part of any security system, whether it’s logging in to your Mac, verifying an Apple Pay payment, or accessing a company network. Mostly, the process works smoothly and without an issue, even if nowadays you often have to use a second device to carry out that verification. However, sometimes errors occur, and when they do, the result causes significant problems and can be difficult to resolve. In this article, we’ll address one of the problems that can occur and show you how to fix the “Mac authentication is disabled” error.

Why does the error appear?

There are a few reasons you might see this error message, depending on how you use your Mac:

  • Mobile device management (MDM) or endpoint security tools installed on them, possibly through the use of a profile. These tools are often deployed by organizations on computers they own that are distributed to staff to use for work. They are configured according to the organizations’ security policies, which also govern how authentication is carried out and when it is needed. Any issues with the tools or the configuration can lead to the error.
  • iCloud Keychain may cause the issue on Macs that don’t have an MDM or endpoint security tool installed.
  • Network settings. If they have changed, authentication may be disabled.

How to fix the “Mac authentication is disabled” error

There are a couple of methods for fixing the error. Follow the steps below one by one.

1. Restart your Mac and your router

Sometimes, a simple Mac restart may fix the issue, so go to the main Apple menu and click Restart.

While you’re waiting for it to boot again, restart your router to rule out the possibility that the error is caused by your network.

2. Run a script in Terminal

If your Mac is a work computer or owned by a large organization, it’s likely that the issue stems from MDM or endpoint security software. If you have administrator access, you can run a script in Terminal that will create a new secure token, which is a type of encryption key used by macOS.

To do that, follow the steps below.

  1. Go to Applications > Utilities and open Terminal.
  2. Check whether there is an encryption key by using the following command, where <username> is your Mac username: sysadminctl -secureTokenStatus <username>
  3. If Terminal confirms that secure token is enabled, disable it using this command: sysadminctl -secureTokenOff <username> -password - -adminUser <adminusername> -adminPassword -
  4. Now, re-enable it with this command: sysadminctl -secureTokenOn <username> -password - -adminUser <adminusername> -adminPassword -diskutil apfs UpdatePreboot /
  5. Reboot your Mac.

If the Mac is your own and you didn’t buy it brand new, you can check whether it has an MDM profile installed on it. If it does, use the steps above to reset the security token. To check, follow the steps below:

  1. Click on the Apple menu and choose System Settings.
  2. Choose General, then Device Management (Privacy & Security > Profiles in macOS Sonoma or older).
  3. If there is a profile installed, it will be displayed there.

If there is no profile installed, it’s possible the Mac is bound to a Microsoft Active Directory Domain. If the Mac belongs to an organization, check with its IT support department.

3. Check iCloud Keychain

If you bought the Mac new, the issue may be linked to iCloud Keychain. The first thing to do is to check that Passwords & Keychain are turned on.

  1. Launch System Settings and click on your name.
  2. Choose iCloud.
  3. In macOS Sequoia, click Passwords. Make sure that ‘Sync this Mac’ is on. In macOS Sonoma and earlier, choose Passwords & Keychain. Make sure Passwords & Keychain is turned on.

If Passwords & Keychain is turned on and you still get the error, it’s possible that you or someone else reset the Keychain. If so, the solution is to set up iCloud Keychain again from scratch. This will delete all the passwords stored in iCloud, including autofill passwords for websites. However, it may be the only way to re-enable authentication. Here’s how to do that:

  1. Turn off Passwords & Keychain in Settings on your Mac.
  2. Turn off Passwords & Keychain on other devices linked to your iCloud account. To do that in iOS, go to Settings > Apple Account > iCloud > Passwords & Keychain and set the switch to off.
  3. Once you’ve turned the setting off on all your devices, open Keychain Access on your Mac.
  4. Confirm you want to launch Keychain Access and not Passwords (if your Mac is running macOS Sequoia).

  5. In Keychain Access, click Keychain Access in the menu bar and choose Settings.
  6. Click Reset Default Keychains.
  7. Turn Passwords & Keychain back on on all your devices.

How to fix lots of problems with your Mac in one go

The “Mac authentication is disabled” error is just one of the problems that can occur while you’re using your Mac. There are many more. The best way to avoid them is to carry out regular maintenance, just as you would on a house or car. The difference is that in this case, instead of checking tire pressure or fixing leaks in the roof, you use software to, for example, reindex Spotlight, free up purgeable disk space, flush DNS cache, or repair disk permissions. Flushing DNS cache can also fix the error if it was caused by changed network settings.

Doing all that manually takes expertise and time and is a bit of a chore. But it doesn’t need to be. CleanMyMac’s Performance feature can do it all for you. It scans your Mac, looking for maintenance tasks that need to be run, and then shows you what they are. You can either run them all with a click or review what it has found and choose which ones to run. It can also help you manage login and background items to help you keep your Mac running smoothly.

Here’s how to use it:

  1. Get your free CleanMyMac trial
  2. Choose Performance in the sidebar and click Scan.
  3. In the Maintenance pane, click Run Tasks or Review.

If you see the error “Mac authentication is disabled”, it could be caused by a problem with third-party mobile device management or endpoint security software. Or it could be an issue with iCloud Keychain. Follow the steps above to identify the likely cause in your situation and to fix it.