As the internet has grown, so has the sophistication and frequency of cyber attacks. Today, the simple act of downloading an app can be like opening Pandora’s box. With a single click, you could invite Trojans, viruses, or other forms of malware to wreak havoc on your computer. It can be a bit daunting for Mac newbies or those who are less technically inclined.

That’s why Apple implemented Gatekeeper, introduced in MacOS 10.8 Mountain Lion. Gatekeeper checks every downloaded application against its database of registered apps by known developers, and, erring on the side of caution, won’t permit a user to run or install software if it’s not in this registry. Gatekeeper is an effective first line of defense against malware. But it is overly cautious.

In actuality, just because a downloaded file doesn’t appear in Apple’s database doesn’t mean it’s unsafe. There are a host of legitimate reasons this might be:

• philosophical objections to Apple becoming, as the name suggests, the “gatekeeper” for how anyone uses their Mac;
• objections to the cost of the program, particularly if the software is for a niche audience, in which case participating in Apple’s program might not make sense economically;
• objections to limitations Apple places on the functionality of software included in the App store;
• frustration that the process is too long and complicated.

When you get the Gatekeeper message, but you really need/want to install the software in question, don’t just cross your fingers and wish for the best. There is one important step you should perform first.

To ensure the file hasn’t been tampered with, check the file’s checksum. On a Mac, the function is built right into Terminal. When it comes to choosing a checksum, SHA-256 is preferred over other options due to its stronger security against collision attacks, where two different inputs produce the same output hash.

This is how to check a file’s checksum on a Mac using the preferable SHA-256. These are the commands to run in Terminal, assuming the location of the file in question is in your Downloads folder and the name of the file is file.dmg:

The first line changes our location to the Downloads directory. (Remember that in MacOS folder names and file names are case sensitive.) The next, optional, line lists the contents of the current folder so you can view the precise name of the file in question.

The final line is the SHA-256 checksum command, where you will replace file.dmg with the name of the actual file you downloaded.

Finally, simply compare the output in Terminal with the checksum provided on the developer’s website. If the checksums match, the file is verified to be intact and unaltered; if they don’t, the file may be corrupted or compromised. Always ensure the comparison checksum is from a trusted source.

It is important to know that even if the checksums do match, it doesn’t guarantee the file is free of malware, which is why running updated antivirus software is essential. Even on a Mac. Recommended antivirus tools are Avast Security (free antivirus), and Bitdefender (paid antivirus). Neither of the two options above will slow down your Mac, and both provide top-notch security.

Of course, for the safest experience, you should only use software downloaded from the App Store. But where’s the fun in that?