Gatekeeper is one of the Mac's main lines of defense against malware.

Gatekeeper has been built into OS X since the days of Mountain Lion, but if you open up Spotlight and search for it, you won't find an app or system preference by that name. Gatekeeper is what Apple calls OS X's defense against "malware" — malicious software. Gatekeeper restricts how software from third-party developers runs on your Mac, so understanding what it is and how it works can be pretty important.

What is Gatekeeper and should you use it?

Apple offers the Mac App Store as a safe and convenient way to download apps for your Mac (and to update system software too). It operates similarly to the App Store on iPhone and iPad. But there's one key difference: Unlike the iPhone and iPad, the Mac isn't restricted from running software just from the Mac App Store. You can download Mac apps from anywhere.

Given that reality, Gatekeeper helps OS X makes sure that app is safe to run, even if it's not from the Mac App Store. Gatekeeper checks for the presence of a digital certificate embedded in the app itself that tells the Mac the app is from a signed developer who has registered with Apple.

The default setting for Gatekeeper on most Macs is "Mac App Store and identified developers." (The exception is OS X Lion 10.7.5. This was the first time Apple offered Gatekeeper, and its default setting is "Anywhere.") If you try to change the setting to "Anywhere", the Mac will warn you against it (though it will make the change if you tell it to.)

You can shut off this protection, though I wouldn't recommend it. Gatekeeper is there to stop malware from getting on your Mac, and that's a good thing.

How to use Gatekeeper

  1. Open up your Mac System Preferences.
  2. Click on Security & Privacy.
  3. Security & Privacy shows your Mac's security settings. The setting that says "Allow applications downloaded from" are the Gatekeeper settings.
  4. If you want to change those settings, click on the lock icon you see in the lower left hand corner of the Security & Privacy window.
  5. Enter your administrator password.
  6. Change the setting to Mac App Store, Mac App Store and identified developers, or Anywhere. Use Anywhere with extreme caution!
  7. Click the lock when you're done to save changes and prevent any more changes from being made.

Bonus tip

You can also open apps from unidentified developers in the Finder. If you've downloaded an app and the Mac won't let you open it, follow these steps.

  1. Control-click or right click on the app.
  2. Select Open from the top of the contextual menu.
  3. Click Open in the dialog box that appears.
  4. You may be prompted for a system administrator user name and password, which is safe to enter.