Feature request: Locking down Keyboard Maestro Editor - macro visibility

I would like a feature that allows me to lock access to the Keyboard Maestro editor to prevent others from seeing what my macros are and prevent editing or creation of new ones. This would be enabled/disabled from a menu item within the editor itself. When disabled, the Keyboard Maestro Editor would simply display a blank window with an unlock button.

Macros could be stored in an encrypted state (doesn’t have to be strong encryption; although, that might be nice). This would mean that the engine would have to decrypt when accessing. Operation of keystrokes would not be affected by the locking/unlocking. The goal is to prevent causal browsing/modification. Ideally both on the disk and in the window, but just locking the window would be enough for me.

When enabling/unlocking, a password dialog box in secure mode would be displayed. If you forget your password, the only option would be to reset to its original state. Of course you could export, encrypt and archive your keyboard macros for safety.

Integration with a password manager such as 1Password would be cool – might also attract new users if they heard about the feature support from 1Password advertising.

Posting the “why” behind this request would help any developer give it more consideration…

Purpose: on a multi-user system (eg school or family), “admin” can setup shortcuts and hide/protect details from inquisitive eyes. Also prevents someone from injecting a keyboard virus.

1 Like

I can see the utility in such a system, but I doubt it will happen any time soon, and probably not ever.

Simply put the cost/benefit in terms of the amount of time it would take to implement vs the number of people it would benefit is unlikely to ever be sufficient that it makes it to the top of the todo list.

I know that’s not what you want to hear, but knowing the facts is more likely to be useful that me just saying “I’ll add it to the todo list” (which I would, except its already there). At least that leaves you free to come up with your own solutions.

For example, a low tech, low security solution would just be a macro that triggers on Keyboard Maestro launch and quits Keyboard Maestro unless a condition is met (say certain modifiers are held, or another trigger has very recently be executed). Its not secure, but would keep casual snoops out.

Thank you, and great idea.

Hello @dcblack

I know it was five years ago - I've read it until a hour ago.... and Your Idea as a Feature for KM to be lockable is great - and I am inspired to have a solution to have my Macros locked from people who are not allowed to make any changes to the setup, too.

I don't know if you heard about an Application called iLock - made by OSXbytes

It is an Application to lock other Applications with very high secure Passwords... - want a password with more than 60 digits - no problem with this application .... and even the macOS Keychain has no problem to store it ....

it is also very automation friendly because its scriptable with AppleScript....

I am working for my self on a solution to lock KM and other apps like Terminal, Automator, Karabiner-Elements and so on... all apps whose are supposed to work together to keep my setup only edited be me...

I highly recommend for such a solution that you wouldn't only lock Keyboard Maestro Editor. Lock Terminal, too and for the Keyboard Maestro Library Folders I would recommend to use the build in FolderActionScripting - Feature of macOS to make it impossible opening the folder without a Password. but only on opening the folder not on writing to this folder(s) .... then you have the Security to KM you want to have...

you can even combine the FolderActions with KM... but use bash or python as script because it is very fast and can put the window of the folder to dock on a very fast duration and then asking you for the Password and keep it in the dock until your Password is correct using a Macro ...

In the macro you can even put an AppleScript for generating randomly Digit Codes whose can be send to your iPhone by using the Pushover Service so that you can use them to give you a self made 2FA solution.....

I am very sorry that I don't have a finished setup to share but if I am a 100% right that is what you can do - and use everywhere on your Mac where you don't want that others don't have Permissions....

If you don't have a solution like that - I hope this gives you an Idea ...

I will come back with a working solution when I have finished it for my own if you like ...
Perhaps there are some others here in this Forum they can help you if you have trouble to get it to work...

That was a lot of theory - I hope that I am right with all what I said

Good Luck and have a nice day

greetings from Germany

1 Like

I like the iLock suggestion and have already put that into action.

Could you elaborate a bit more on your FolderActionScripting idea?

Hello @dcblack ,

its just simpler than I mentioned earlier ....

for the FolderActionScript you just need to write something like this:

on opening this_folder
Your Code goes here 

for a macro it should be something like: 
    tell application "Keyboard Maestro Engine" to do script "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
the Placeholder XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX is for the corresponding UUID
end opening

the Macro can be something like this:

Just as an Example for you ...

Hope this gives you an idea to do it ...

Greetings from Germany