diff --git a/common/main.c b/common/main.c
index d517636f0e..c1f4bbdce6 100644
--- a/common/main.c
+++ b/common/main.c
@@ -168,9 +168,21 @@ test_mockable __keep int main(void)
 	 *
 	 * Only the Read-Only firmware needs to do the signature check.
 	 */
-	if (system_get_image_copy() == SYSTEM_IMAGE_RO &&
-	    rwsig_check_signature())
-		rwsig_jump_now();
+	if (system_get_image_copy() == SYSTEM_IMAGE_RO) {
+#if defined(CONFIG_RWSIG_DONT_CHECK_ON_PIN_RESET)
+		/*
+		 * If system was reset by reset-pin, do not jump and wait for
+		 * command from host
+		 */
+		if (system_get_reset_flags() == RESET_FLAG_RESET_PIN) {
+			CPRINTS("Hard pin-reset detected, disable RW jump");
+		} else
+#endif
+		{
+			if (rwsig_check_signature())
+				rwsig_jump_now();
+		}
+	}
 #endif
 
 	/*
diff --git a/include/config.h b/include/config.h
index 3a989294ee..00e1f50e4b 100644
--- a/include/config.h
+++ b/include/config.h
@@ -1818,6 +1818,12 @@
  */
 #undef CONFIG_RWSIG
 
+/*
+ * Disable rwsig jump when the reset source is hard pin-reset. This only work
+ * for the case where rwsig task is not used.
+ */
+#undef CONFIG_RWSIG_DONT_CHECK_ON_PIN_RESET
+
 /*
  * When RWSIG verification is performed as a task, time to wait from signature
  * verification to an automatic jump to RW (if AP does not request the wait to