Gatekeeper Guide: How To Secure-Install Mac Apps With It

Secure Mac

For new Mac users, one of the most basic things to do on your Mac is to install applications. However, with the Mac App Store as Apple’s default way of finding and downloading applications, getting apps from the web and other sources is not as straightforward as it used to be.

The reason for this is Gatekeeper, a feature that Apple implemented some time ago and that attempts to improve security for Mac users.

Let’s get more in detail about what exactly Gatekeeper is, what it does and how you can use (or disable) it to your advantage.

What is Gatekeeper?

If you used previous versions of Mac OS, you might have noticed that before running an app for the first time, a dialog box popped up that informed you that the application was downloaded from the Internet and then asked you to confirm that you wanted to run it. This feature is called File Quarantine, and it checks apps before you run them for the first time. It only works with files downloaded by other apps, like web browsers or email apps for example.

File Quarantine Mac1

There are issues with File Quarantine though, since it doesn’t check other types of installs, like when you copy an app installer from a USB drive for example.

With Gatekeeper on the other hand, only apps curated by Apple and available through the Mac App Store are allowed to run on Macs, along with some other applications that have been ‘signed’ by ‘identified developers’, which are developers who register with Apple.

When a registered developer signs an external app (not available through the Mac App Store), Apple uses that signature to tell who developed the app, when the developer signed it and most importantly, if the application has been tampered with after it left the hands of said developer. This allows Apple to blacklist a developer if it detects they have distributed malware, which will enable that developer to sign or distribute any other apps.

Using Gatekeeper

To enable or disable Gatekeeper, you’ll have to go to your Mac’s System Preferences and select the Security & Privacy option.

Gatekeeper Prefs

There, click on the General tab and make sure you are allowed to make changes by unlocking the option at the bottom left of the screen.

Gatekeeper Unlock

Once you do, under Allow apps downloaded from: select any of these three options:

Gatekeeper Options
  • Mac App Store: With this option, only applications downloaded directly from the Mac App Store will launch on your Mac. Those obtained from any other sources will be rejected when you try to open them.
  • Mac App Store and identified developers: As mentioned above, this setting will allow you to download third partly apps not available in the Mac App Store if have been signed by an identified developer. Personally, I think this is the best setting for most users.
  • Anywhere: As implied by its name, this option lets you install just about any application regardless of its source. Recommended for advanced users.

Once done, just close the Preferences panel and get back to work. Your app downloads will stick to the new setting right away.

Cool Tip: You don’t have to stick to one setting. For example, if you find a cool app that you know is reliable but not signed or available in the Mac App Store, you can tweak the settings above to Anywhere, install the app and then set your preferences back to a safer setting.

And there you go. Now you have a better understanding of this essential feature, and you’ll also know when to use it and tweak to take the maximum advantage of it. Enjoy!

Last updated on 03 February, 2022

The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.