How to Allow Apps from Anywhere in macOS Gatekeeper (Monterey, Big Sur, Catalina, Mojave, Sierra, High Sierra)

Sep 27, 2016 - 88 Comments

Allow apps from anywhere in Gatekeeper for macOS

Gatekeeper in MacOS is now stricter than ever, defaulting to only allow options for apps downloaded from either the App Store or the App Store and identified developers. Advanced Mac users may wish to allow a third option, which is the ability to open and allow apps downloaded from anywhere in macOS Ventura, macOS Monterey, MacOS Big Sur, macOS Catalina, macOS Sierra, macOS High Sierra, and MacOS Mojave.


To be clear, the “Allow applications downloaded from anywhere” option is hidden by default in Gatekeeper for macOS from Sierra onward. You can see this by going to the Security & Privacy preference panel, and under the “General” section you will not find such an option for Gatekeeper app allow settings. Despite that, with a little command line intervention you can reveal the third option and regain the ability to open apps that come from anywhere.

This is not recommended for most Mac users, only advanced Mac users and developers who have the ability to accurately gauge app validity should use this method, which involves disabling Gatekeeper from the command line, thereby removing the standard Gatekeeper security mechanisms in Mac OS.

How to Allow Apps from Anywhere in Gatekeeper for macOS Ventura, Monterey, Big Sur, Catalina, Mojave, Sierra

  1. Quit out of System Preferences
  2. Open the Terminal app from the /Applications/Utilities/ folder and then enter the following command syntax:
  3. sudo spctl --master-disable

  4. Hit return and authenticate with an admin password
  5. Allow gatekeeper apps from anywhere macOS

  6. Relaunch System Preferences / Settings and go to “Security & Privacy” and the “General” tab
  7. You will now see the “Anywhere” option under ‘Allow apps downloaded from:’ Gatekeeper options
  8. Allow gatekeeper apps from anywhere in macOS

You’ll now be able to open and launch apps from anywhere under macOS Mojave, High Sierra, and Sierra, but be forewarned this turns off Gatekeeper and is not recommended for the vast majority of Mac users.

Allowing apps from anywhere including unidentified developers can potentially leave a Mac vulnerable to certain malware and junkware and should be avoided by all Mac users with the exception of those with genuinely advanced abilities.

Another approach is to manually add Gatekeeper exceptions via the command line, a solution which may be more appropriate than simply allowing everything to skirt past Gatekeeper.

Returning to Default Gatekeeper Security in macOS Ventura, Monterey, Big Sur, Mojave, High Sierra, Sierra

You can also reverse this and go back to the default strict Gatekeeper settings of only allowing apps from the Mac App Store and identified developers by issuing the following command string:

sudo spctl --master-enable

Hitting return and re-authenticating will return macOS Gatekeeper back to its strict default state of disallowing random apps from launching.

Default Gatekeeper security in macOS

Nearly every Mac user should leave this feature enabled in the default state. If you do not have the ability to easily discern which apps are legitimate or not, you should absolutely not change this option. The “app can’t be opened because it is from an unidentified developer” message is there to offer protection to the vast majority of Mac users and should not be ignored.

.

Related articles:

Posted by: Paul Horowitz in Mac OS, Security, Tips & Tricks

88 Comments

» Comments RSS Feed

  1. Doc says:

    While the command works, as others have pointed out it still does not stop the OS from warning you before running any document or media that you download. It is still trying to pipe everything through this bs process. I am tempted to roll back an OS version at this point.

  2. Sebastian says:

    Not working with Virtualbox

  3. Sebastian says:

    That option should be enabled by default. MacOS by definition is open system, not like iOS and iPad OS so user should always be able to install whatever he wants. Security does not matter as long as it makes using computer more convenient.

  4. fad says:

    sudo: /etc/sudoers is world writable
    sudo: no valid sudoers sources found, quitting
    sudo: error initializing audit plugin sudoers_audit

    this is the error message i get. Kindly help me. I use a macbook pro 2020, with the intel chip, macos bigsur catalina version 11.2.3

  5. JP says:

    Still get the same message (unindentified developper message), even after allowing apps from Anywhere. Any knows why this happens?

  6. Diego Fernandez says:

    THANKS SO MUCH !!!!

  7. Nick says:

    Hey dude,

    I have followed your steps to allowing apps from anywhere and I now get the choice to select ‘Allow apps from ANywhere’ but I still get the same error message: ‘This installation failed’

    Any clues what I can do mate?

  8. Steven says:

    You have no idea how glad I was to find this information! Ever since updating to OSX Catalina, I’ve found it difficult to even launch applications (even Apple branded Applications) without getting the aggravating “Unidentified developer” pop-up 8 to 10 times per line item, with some applications, such as Motion, requiring I click “Cancel” on the pop-up window 100-200 times before the application even launches. I get they want to go 64-bit going forward, but not all apps (even Apple apps) are ready to support this 100%. Good riddance!

  9. Rakesh says:

    Hi Team

    Not copy from tftp server error code is – Feb 22 14:21:10 Rakeshs-MacBook-Air com.apple.xpc.launchd[1] (com.apple.tftpd[36416]): Service exited with abnormal code: 1

    Mac OS Detail – MacOS Catalina 10.15.3

  10. Malachi says:

    Thank you! It worked.

  11. Tomas says:

    Ola MacOSXDaily!

    I have a sentinel Dongle driver which the MacOS doesn’t allow to be installed:
    After trying the tricks I saw here in the website, I can click in the “Allow” button, but simply doesn’t work:
    https://skb.serendipity-software.com.au/sentinel-dongle-driver-macos-mojave-app-permission-3524/
    I found the same issue here:
    https://github.com/tekezo/Karabiner-Elements/issues/1017
    Any idea what can be done?
    Thanks a lot
    Tom

  12. Rail says:

    Thank you very much! Its work well!

  13. Kevin says:

    I’m having this same issue; I followed the terminal instructions and now “anywhere” is visible and the chosen option, but I’m still getting the error “…is damaged and can’t be opened. You should move it to the Trash.” with several items. Any ideas?

    • tij says:

      If the app is damaged, try re-downloading it from the source and unzipping it again. The app may have been an incomplete download or corrupted, and Gatekeeper won’t fix apps that show the “app is damaged and can’t be opened” error. The simplest resolution is to download the app again. You can try using a different web browser too.

  14. laurie says:

    this overactive nannying will surely push less computer literate people away from installing indy software, by suggesting it’s untrusted/dangerous. The fact that signing the app is a paid rolling subscription is disgusting. Not sure if I’m mad or sad…

  15. darius says:

    OMG, that command line command has kept me from going insane!!!

    Thank you for this post very much.

  16. Gussy says:

    Thank you VERY MUCH…easy to follow..very appropriate…just subscribed!!

  17. Lasitha says:

    Thanks
    Very useful

  18. Cherryl Bennett says:

    I believe I made a comment about this, not long ago. I want to make another. My son and his wife have used mac for years. They upgraded to High Sierra and still are able to select to download from anywhere, simply by going to the area where that is done.

    I, on the other hand, have to keep these commands saved to textedit, so that every single time I need to download and install something, I can disable gatekeeper, get the download and install done, then go enable gatekeeper again, all having to go to terminal and put in commands to get this done.

    This is not only ridiculous, this is utter stupidity. What is the difference in simply being able to select to download from anywhere, than having to go through this pain of disable and enable by the use of commands, but that it is making my experience with using a mac to be a most dreaded one.

    I am more often dragging out my Windows laptop, because all is simple, rather than going through this royal pain just to do what I want to do on my laptop. And there are other things about the mac that is a pain in the behind, but this one is the worst.

    Another pain is that I simply would like to create a shortcut on my desktop and also have the icon in the menu bar, but I keep having to read and read to find out what long process I must go through in order to do this, what should be a very simple task, just to get this done.

    I hate that I have purchases a mac because I do not enjoy my time being made a misery. I simply want to get on my laptop and do what I want to do, without such misery. By the time I go through these long stupid processes to do something that should be very simple, I am too tired, mentally exhausted from having to search and search and read and read to find out what to do, that should be just a simple little task to do, to even do what I came to my laptop to do.

  19. anon says:

    I can’t stand macOS made for monkeys. 50 hoops to jump through every time you need to do something simple.

  20. Jalal Khan says:

    it works thanks bro

  21. noname says:

    Thanks! Wish I could turn off all this baby sitting stuff with one click….

  22. Bob Johnson says:

    After I do all of that, and try to install Adobe CS5.5, I get, at the last step, an error 35 message and a rejected install.

    Ideas anyone?

  23. BigDaddy says:

    Friggin thanks! I use JiTouch to expand my magic mouse capabilities. Its a pref pane so there is no control clicking it to make it open every time.

  24. sad says:

    That’s laughable, they turned macos into a system for idiots

  25. Brilliant!!!! I’ve been stuck for two days not being able to install anything. Apple support was unable to help me. I’ve reinstalled High Sierra twice and safe mode didn’t work and I couldn’t find any solutions on web. Finally found your fix and the world is a good place again. Thank you.

  26. Alex Hall says:

    Apple,

    Requiring a user to enter a super user terminal command to enable even the *option* to install “unverified” third party software is 4@@!7@ anti-competitive! So is requiring developers to this way to opt-in to a paid verification program, *or else.*

  27. Stefano says:

    Thank you.

    By the way, how can I completely replace sierra with windows10 on a macbook air 2016 and an imac 2015?

  28. kent says:

    thank you so much!

  29. Anurag Lohan says:

    It did work for me too thanx a lot :)

  30. Evance D. Ajwang says:

    It works for me i needed it for mac os sierra, 5 star salute.

  31. Christine says:

    Hi
    I followed all the instructions above, but I still get an error message when I click on Bibisco to launch it. I have a screen capture of the error but cannot include it here.

    It says : ” An Error has occured. Se the log file /Users/mac/.eclipse/487195311_macosx_cocoa_x86_64/configuration/1498230110157.log.

    Does it ring a bell to anyone?

    Thx
    C.

  32. Kim says:

    This was very helpful! Thank you very very much! I was on the phone with Apple Technical service for more than 3-hours. My call was escalated, but Apple Technical Service employees could not figure the issues (even after I kept saying “the Anywhere” option is not visible).

    It took me weeks to find this information, but Thank you

  33. Abe says:

    Thanks so much. This helped me very much.

    Strangely, sometimes Sierra reverts back from “Anywhere” to “App Store” again. Anybody experienced this as well?

  34. Abe says:

    Thanks so much. This helped me. Strangely, sometimes Sierra reverts back from “Anywhere” to “App Store” again. Anybody experienced this as well?

  35. Reza says:

    Very useful. Thank you.

  36. galaflor says:

    I tried this but it asked for an admin password with a key icon. Where do I find the admin password?

  37. CplHare says:

    Outstanding tip! Thank you

  38. irina says:

    Hi, guys!
    I tries every step described above but is not working. after Im typing the command a small grey key shows up and doesnt let me type anything inside the terminal. I have the admin password but I cant do anything with it.
    I bought the computer a week ago from a guy who gave me all the data he thought I might need. I went to the Apple store and the guys from there told me that the comp is locked in some way by i dont know what sort of directory from the selling company and that I have to talk to them in order to I dont know what because I dont understand much from this SF language.
    And this is not the only weird issue I have with the computer. Sometimes it tells me that in order to run or download a certain app I have to download the last OS version, or an OS newer than Lion/Snow Leopard etc. But I am already at Sierra. wtf? Or trying to run Imovie I bumped into: you cant use this because the comp belonged to another user.
    What do I do? Do I have to reinstall the system? I have also windows in Bootcamp and I am not sure how complicated this would be.
    Thanks for help in advance.
    Irina

  39. Matthew says:

    Thanks for this! I have a question though… Initially, by mistake, I entered the following into the terminal:

    sudo spctl

    And nothing else! A load of type came up. I am not at all conversant with these things, I wonder, has entering this alone caused any problems for my Mac? Any guidance on this is much appreciated!

  40. Samuel says:

    Thank you !! Big amount of useless topics but this one is finally solution. Thanks !!

  41. Karolis says:

    You are genius. Thank you

  42. BRIAN says:

    why am i getting this when i type the command in?

    We trust you have received the usual lecture from the local System
    Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

    Password:
    Sorry, try again.
    Password:

  43. Samantha Atkins says:

    This is nice to know but I am not happy. Developers either pay Apple a tax to sign apps or worse, put up with all the app store restrictions and pay 30% of sales OR they are locked out of serving the needs of most would be customers.

    The average customer is not going to even go see that they can allow your app to run, much less do something on the command line.

    This is not about security. This is about Apple exerting as much control and extracting as much money as possible. Please stop excusing it as about security. Security is not that hard without such restriction.

  44. Gumonx says:

    it works! thanks a lot! I where having trouble to install folx. Just a Quick question, can we just leave this to have the “anywhere” option or is mandatory to re do the: sudo spctl –master-enable on terminal?

  45. Nilesh Parmar says:

    Genius, thank you.

  46. Remy says:

    Hi,

    I followed all the step but the “anywhere” doesn’t appear. I’m on MacBook Air if that can help. If there is still someone here a little help would be really great.

    Thanks in advance,
    Rémy

  47. MArtin says:

    Thank you so much for this one, and no, the Control-Click – Open thing does not work anymore on macOS Sierra

  48. veronica says:

    can I just select back the identified developers option or does it somehow defaults back to the “anywhere” if I don’t change it?

    • veronica says:

      ok apparently it doesn’t matter because the option “anywhere” went away just by changing the selection to identified developers and closing the system preferences

  49. Stanley Gorczynski says:

    Couldn’t you just click the Anywhere option to launch a particular as before and then return and select the App Store and Developers option??? As before???

  50. Stanley Gorczynski says:

    I’ve had trouble launching a legit outside app and the company’s troubleshooting guide said to delete it and reload and launch but now I cannot install it using either method (Contol click in Apps or Anyway in Sys Pref). It gives me the option to install it anyway but when I hit ok i get this msg. osstatus error -67071

    Pls help

  51. Tyler Arndt says:

    Have a couple programs for work that would no longer work after I updated my OS. This was an easy fix!

    THANK YOU SO MUCH!!!!

  52. Carl Smith says:

    It’s all about turning OS X into iOS. Apple make much more money charging huge premuims on phones and mobile apps than selling laptops to developers, and clearly thinks increasing margins is more important than market share. Basically, install Linux.

  53. Gert says:

    Actually I hate it that Apple takes away choices the users previously had. Apple took away the acces to the Library to prevent that some stupid people make mistakes. That was easy to pass by, but still Apple is trying to take our freedom without explaining and without giving different options.
    I just want to keep my personal choice. I seldom pass the safety preferences of apple, only so once in a while, and I restore the default settings immediately there after. Step by step Apple is taking over as a advanced Big Brother that knows best, instead of educating people. It’s almost like religion. The pastor knows what’s best for you.

    I have not installed the new system just because of this.

    By the way, is the command line option just to restore the “Anywhere” button, so I can act like before? and restore full safety when returning to the other two buttons? or is restoring the “Anywhere” button include a limited safety to the other two buttons?

  54. Morgan says:

    Apple has gone overboard trying to “nanny” its users. It is a vicious world out there, but the fact is that the number of truly malicious apps is small. Outright banning the ability to run apps that aren’t signed is a bit like the government stepping in and banning anyone from eating fruit that’s not organic… (unless they ctrl-alt-click the non organic banana in just the right place, to indicate their acceptance that the suspect yellow fruit might cause their head to explode upon consumption.)
    Apple… I have found myself desiring to get away from your nannyish self, seriously, for the first time in 20+ years of use (i.e. NeXT then OS X). If the alternatives weren’t so awful, I’d already be gone.

  55. Joe says:

    First “App Nap” and now forcing the extra $99 a year from developers. I don’t like the dictatorship that Apple is doing with OS X. I’ll be the judge when my apps should stop functioning and why confuse your average user on why some apps will not run? Sandboxing should solve most issues from misbehaving apps/developers. Apple is getting annoying and over thinking some of the simplest things.

    • Gareth says:

      Let’s face it, Apples ethos with OSX is turning into Microsoft’s ethos for Windows by filling it with bloatware and making its performance worse. Each upgrade slows down the machine start up and we are now seeing the the spinning Windows disc as often as we used to see the egg timer on Windows. Apple are just getting greedy having grabbed so many niches in the market. Just revisit what happened to Blackberry, Nokia and almost to Microsoft and try to stop pissing off your customers.

  56. Ted says:

    It’s been about a week without any Mac OS or iOS updates. I’m feeling unloved Apple. Are you guys asleep or what.

    GIMME MORE UPDATES!!!

  57. John R says:

    Heck, yeah, man. Open up your Mac to anything that wants to install. Go for it, the sky is the limit. The PC world is yours for the taking.

  58. Clam says:

    Did something change in Sierra compared to El Capitan that prevents or removes the functionality of ‘Ctrl+Click > “Open” menu item’ to selectively bypass Gatekeeper when “App store and identified developers” is selected in the preferences? If not, then changing the preferences to “Anywhere” is a bad idea and you really shouldn’t do it, no matter how cool it is to fiddle with the system settings and make an option appear that most people don’t have access to.

    More info about these options:
    https://support.apple.com/en-gb/HT202491

    • tobin says:

      Yes in Mac OS you can still right click / control click to Open and circumvent Gatekeeper, but for unidentified apps.

      • dialoguy says:

        Running Sierra 10.12.5 Beta. Can’t open an app by right-clicking/”Open” nor by getting the gatekeeper out of the way…

  59. Stephen Strum says:

    My opinion as someone that used PCs for 20 years and then became a devout Mac user is that this is a bunch of hogwash i.e. that Apple should think that only apps that it supplies or those obtained from the App Store should pass muster, and that only advanced users with magical skills should deviate from this activity →

    “This is not recommended for most Mac users, only advanced Mac users and developers who have the ability to accurately gauge app validity should use this method.”

    I have been purchasing or obtaining non-approved apps since day 1 of my converting to Mac computers.

    So those of us using PathFinder instead of the anemic Finder, or Moon, or other so-called “3rd party apps” that make the use of Apple computers better for a lot of us either have to be fortunate enough to find such apps in the App Store. For years, I have used NeoOffice and paid a minor donation to the developer. Now, NeoOffice made it into the “holy place” in the App Store and the same software is $39 dollars. Here’s what would have been nice for Apple to have done instead:

    An option in downloading apps (other than that which Tim Cook et al feel we users can handle) should be one of the options found without having to use a Terminal command. And if there are apps that are identified as malware or spam, then it would be nice if Apple or some other company could notify users rather than make a generalization that there are bad apps out there. I have intensely used my iMac over the last 11 years and have never run into a problem with the many 3rd party apps that I have purchased or obtained for free. And how many of those in the App Store were “outcasts” for years before being granted sanctuary? Give me a break.

    If Apple would stop spewing out new OS and improve key functions of the current OS, it would make many of us Mac users a lot happier and more effective, and then maybe a lot of the “other” apps I buy would not be necessary. A good example in my case is that the upgrade to Sierra will not allow me to run a very important medical program called EndNote. Endnote is a Thomsen Reuters app that has been around for decades & of course is not in the App Store.

    I miss Steve Jobs. Apple has lost its pizzazz and vision.

    • Peter says:

      The whole point is Apple is trying to get devs to sign their apps, they don’t have to be from appstore. Right now devs are just to lazy to register as an Apple dev and sign their apps.

      This is a good thing not bad, just seems bad as devs are not doing what they should be doing.

      • Sebby says:

        Mmm, and Apple just happens to get a recurring payment of £99/year for the privilege. A complete coincidence, of course. :)

        Come on. Yes, this security “feature” has a user-facing benefit, and I’d leave it on just to get the warm fuzzy I do from “the legitimacy factor” of Apple’s signature. I also think outright disabling the feature isn’t necessary. But as with so many things Apple, priority #1 is Apple, and #2 is the user–increasingly, it seems to me, a very distant second. The reality is that a well-designed interface (like the one that existed before Mountain Lion, in fact) is already perfectly good at warning users off from accidental invocations of rogue software, and (although it can be hard to believe sometimes) not everybody needs their hands held for them. More importantly, many devs don’t need the hassle of paying Apple’s tax (think Open Source stuff) and, if the option didn’t exist for users to run their software, they probably wouldn’t port to the Mac at all.

        I just hope it doesn’t get to the stage where unsigned apps aren’t allowed at all. That would (will?) be a sad day.

  60. drrjv says:

    You can also do the same by clicking control-click ‘open’

    • junebeetle says:

      Yep, this is super useful. Control-click the app > Open. Click Open on the dialog that appears.

      I spent a couple years dragging SketchyApp.app/Contents/MacOS/SketchyExecutable into Terminal before I figured this one out.

    • Dan says:

      And that’s a far better option. Having to specifically allow unidentified apps is much safer than a open door.

      • Chris Giordano says:

        I totally agree. This would and should be the preferred method for any proper Mac admin. Unlocking Gatekeeper completely should almost NEVER happen, especially in an enterprise environment. It’s even a risk recommending this to standard consumers as they really have no idea what they are doing and what the repercussions are by completely unlocking it. Chances are they won’t ever take the time to go back and lock it back down.

    • HJ says:

      I’ve performed the disable command but still get the “can’t be opened” message. Even if I control click. Any suggestions?

    • Joseph B. says:

      Thank you so much! It works! I thought I was done for and I would of had to delete most of my apps!

    • Michael says:

      thx alot
      really help

    • iyohmamma says:

      Yes, saw this method on other and did not work…..YOU INFORMED ME TO CLOSE “System Preferences” first. Great works. Thanks.

    • Narain S. says:

      O Yes.. It did! Perfect.. Thanks!

    • Mona says:

      Very helpful and easy tip.

    • Keith says:

      It won’t let me enter my password

    • smuseby says:

      With the installation of Mojave, starting Excel, which looks for the “Personal Macro Workbook”, generates the error, “Alert. Sorry, we couldn’t find Personal Macro Workbook…”. I have enabled the ‘anywhere’ option in System Preferences.
      Since the workbook is not an app (although it contains macros), is there another security setting that might solve this issue?

    • Scott says:

      Thank you!!! the command line insert (sudo spctl –master-disable) worked.
      Why oh why does Apple insist on being so obtuse?

      • Andrew says:

        This is not Apple being obtuse, in my opinion. This is Apple being protective of its users.

        And because Apple is protective of its users, I don’t have to worry about running extra software – virus protection, malware protection, and goodness knows what else.

        Thank you, Apple, for taking the time and care.

    • jackson says:

      This is amazing. Thank you soo much! All other tutorials were fake

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site