How-To

How to safely open apps from unidentified developers

Every time you launch an app for the first time, macOS will use that application’s Developer ID to verify whether it’s from an identified developer.

By default, macOS will warn you about any apps that are a) installed from outside the official App Store, and b) published by unidentified developers. Depending on your settings, macOS may even block you from using any application that doesn’t fulfil this criteria.

While macOS means well, this security measure can prevent you from launching and using countless perfectly legitimate applications. After all, just because an app was published outside of the App Store, or was released by an unidentified developer, doesn’t automatically mean that application is dangerous!

In this article, I’ll show you how to override macOS’ security settings, so you can launch any application, regardless of whether that application was released by an identified or an unidentified developer, and whether it was downloaded from the official App Store, or a different location entirely.

And, since malware is a huge concern every time you install new software, I’ll also be sharing some tips, to help ensure you only ever install legitimate, malware-free applications.

Change your Security & Privacy settings

Depending on how your Mac is setup, macOS may only allow you to launch applications that are downloaded from the official Apple App Store, even if the application in question is from an identified developer.

If you regularly download apps from outside the App Store, then you may want to specifically allow apps that are downloaded from the App Store and identified developers:

  • Select the “Apple” logo from your Mac’s menu bar.
  • Navigate to “System Preferences > Security & Privacy.”
  • Select the little padlock icon in the bottom-left corner.
  • Enter your password when prompted.
  • Select the following checkbox: “App Store and identified developers.”

Opening apps from unidentified developers: Staying Safe

Although there are countless perfectly legitimate apps released by unidentified developers, you are more likely to encounter malware when downloading this kind of software, compared to applications downloaded from the App Store, or apps released by identified developers.

If you do decide to permit apps from unidentified developers, then Apple won’t have vetted these applications, so you’ll need to be extra vigilant against any potential malware:

  • Always download your apps from a reputable source. The most trustworthy source is always the app’s official website, or the website of the developer or company who created the app. Although there’s countless third party download sites, some of these are guilty of wrapping legitimate software inside installers that contain adware, trialware, unwanted apps or even straight-up malware. You should avoid third party websites wherever possible, and be particularly suspicious of any third party that’s offering proprietary software for free – as the old saying goes, if something seems too good to be true, then it probably is!
  • Do your research. Typically, if there’s a big problem with a piece of software, then at least one person will be complaining about it somewhere online! Before downloading an app, look for some reviews or comments about the application itself, and potentially the developer or company who’s responsible for that application. Social media sites like Twitter, Instagram and Facebook can also be a great indicator of how happy users are with a particular app. Just be aware that some less reputable companies and developers aren’t above posting fake reviews, or using bots to flood social media with positive comments.
  • Keep your operating system up to date. Apple are pretty good when it comes to security updates, so to help keep your Mac secure you should always be running the latest and greatest version of macOS. To check whether an update is available, open the App Store, select “Updates” and look for any available “Software Updates.” You can also enable automatic updates, by opening your Mac’s “System Preferences…” and selecting “App Store.” Make sure “Automatically check for updates” is selected, and then select both “Install macOS Updates” and “Install system data and security updates.”

Launching apps from unidentified developers

There are two ways to launch apps from unidentified developers.

Firstly, you can permit apps from unidentified developers on an app-by-app-basis, by temporarily overriding your Mac’s security settings. This encourages you to think critically about each application before launching it, and is therefore one of the safest ways to use apps from unidentified developers. Alternatively, you can use the Terminal to uncover a hidden setting, which will allow you to launch all applications from unidentified developers, without so much as a popup warning you about the app’s unidentified status!

Let’s start with the safest option. If you’ve just installed an app from an unidentified developer and you’re certain that this app is safe to use, then you can temporarily override the security settings for that application only:

  • Open a “Finder” window and navigate to the application that you want to launch.
  • Control-click the app in question and then select “Open.”
  • Read the onscreen warning, and if you’re happy to proceed then click “OK.”

This app is now saved as an exception to your Mac’s security settings, and you can launch it at any time by double-clicking it, just like any other application.

Alternatively, if you’ve attempted to launch the application and have been blocked within the past hour, then you can mark this app as an exception in your Mac’s “System Preferences.”

  • Click the “Apple” logo in your Mac’s menu bar.
  • Navigate to “System Preferences… > Security & Privacy.”
  • Make sure the “General” tab is selected.
  • Click the little padlock icon and enter your admin password.
  • Find the section that states “(App name) was blocked from opening because it is not from an identified developer,” and then click its accompanying “Open Anyway” button. An exception will be created that’ll allow you to launch this app normally from this point onwards.

Allow apps from anywhere

We’ve already seen how you can modify macOS’ security settings to permit applications from unidentified developers on an app-by-app basis, but you can also permit all apps from unidentified developers, via a hidden system setting.

But first, a word of warning: this setting does put you at greater risk of launching malware or viruses that are masquerading as legitimate software. Although they can be frustrating, macOS’ warnings about unidentified developers and applications “downloaded from the Internet” are designed to help keep you safe.

If you’ve weighed up the risks and still want to be able to launch unidentified apps, then you can enable this (risky) “Allow apps from anywhere” setting:

  • Open a new “Finder” window.
  • Navigate to “Applications/Utilities” and launch the Terminal app.
  • Copy/paste the following command into the Terminal:

sudo spctl –master-disable

  • Press the “Enter” key on your keyboard.
  • When prompted, enter your admin password. Press “Enter”
  • Open your Mac’s “System Preferences…” and navigate to “Security & Privacy.”
  • Make sure the “General” tab is selected.
  • Click the little padlock icon and enter your admin password when prompted.
  • Select the new “Anywhere” radio button.

Disable and remove “Allow apps from: Anywhere”

“Allow apps from anywhere” isn’t exactly the safest way to run your Mac!

If at any point you change your mind and want to err on the side of caution, then you can restore your Mac to its original settings:

  • Navigate to “System Preferences > Security & Privacy.”
  • Click the little padlock icon and enter your password.
  • Select either “App Store,” or “App Store and identified developers.”

Alternatively, if you share your Mac with other people, then you may feel more secure removing the “Anywhere” option entirely:

  • Launch the Terminal application (“Applications/Utilities/Terminal”).
  • Copy/paste the following command into the Terminal:

sudo spctl –master-enable

  • Press the “Enter” key on your keyboard.
  • Enter your password when prompted.

Head over to “System Preferences > Security & Privacy,” and the “Anywhere” option should have disappeared.

About the author

Jessica Thornsby

Jessica Thornsby is a technical writer based in Sheffield. She writes about Android, Java, Kotlin and all things Apple. She is the co-author of O'Reilly's "iWork: The Missing Manual," and the author of "Android UI Design," from Packt Publishing.

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.