After you have installed the add-on using UPM

...

The above section explains how to avoid putting passwords on pages. However, the configured profile can be used by anyone that can edit content on your site. If all you users are trusted, then you are good. However, in most cases you will want to restrict access to a group of users that are trusted to use this capability. This is accomplished by using CMSP and configuring access to the macro and perhaps to individual profiles. Go to the documentation for Macro Security for more information.