How can I prevent Zoombombing?

What is Zoombombing?

Zoombombing is when an uninvited person joins a Zoom meeting and, with their video, audio, or screensharing, shares unwanted content to the meeting. 

See: Zoombombing: When Videoconferences Go Wrong

REMEMBER: Never share a Zoom meeting link in a public setting, such as on social media or online bulletin boards, in blog posts or news articles, or on listserves or email lists with wide distribution.

BEFORE THE ZOOM MEETING

Schedule Your Meetings with a Unique URL

You can schedule a Zoom meeting to have a unique URL (instead of your sharing your personal meeting URL, which is permanent and can easily be shared out in unwanted ways).

Prevent Removed Participants from Rejoining a Meeting

  • In your Zoom account settings, disable "Allow Removed Participants to Rejoin" so booted attendees can't re-enter the meeting. Log into your Tufts Zoom account, and find this under Settings > Meeting > In-Meeting (Basic)
  • NOTE: This is disabled by default in your Tufts Zoom account.
  • See: Account Settings

Password Protect Your Meeting

  • Require a password for entry to a Zoom meeting. To do this, enable three settings in your Zoom user account
    • "Require a password when scheduling new meetings", 
    • "Require a password for Instant Meetings"
    • "Require a password for Personal Meeting ID"
  • In addition, be sure to disable the setting called "Embed password in meeting link for one-click join". This means you will have to provide the password in a separate communication from the meeting link. This is less convenient, but is a deterrent to unwanted visitors.
  • See: Require a Password
  • See: Account Settings

Only Allow Participants in the Room When You are There

  • Use a calendar tool such as Canvas Calendar, or Outlook, or Google Calendar to invite participants to an event, but don't share the Zoom meeting link in the invitation. Then, a few minutes before the Zoom meeting is about to start, email out the meeting link, which should be a unique link, rather than your Personal Meeting ID or Link.
  • See: How do I set up a meeting directly in Zoom? 

Identify Meeting Participants

  • Enable "Identify Meeting Participants", so that you as the meeting host and other Tufts Zoom users can check the participants list to see if a participant who lacks a Tufts Zoom account has joined the meeting. Enable this in your Zoom account settings.
  • See: Identify Guest Participants

Prevent Participants from Transferring Files

  • Disable In-Meeting File Transfer in your Zoom account settings, so theres no digital virus sharing.
  • NOTE: This is disabled by default in Tufts Zoom accounts.
  • See: In-Meeting File Transfer

REMEMBER: Never share a Zoom meeting link in a public setting, such as on social media or online bulletin boards, in blog posts or news articles, or on listserves or email lists with wide distribution.

DURING THE ZOOM MEETING

Join Your Meeting as the Host

 

Include a Co-Host in your Meeting

 

Lock Your Zoom Meeting After All Participants Have Arrived

  • Once all attendees have arrived, you can 'lock' the meeting via the participant list. This is analogous to locking a physical door to the classroom.
  • See: Managing Participants in a Meeting

 

Only You as Host Can Share Your Screen

 

Eject a Problem Visitor from the Zoom Meeting

  • Identify the problem user and use "Remove" in the Participants window to dismiss them permanently from the meeting. Just be sure to remove the unwanted user, not wanted participants.
  • See: Managing Participants in a Meeting

 

Shut Down the Meeting

  • In an emergency, end the meeting by clicking "End meeting" in the lower right corner of the Zoom window. Then set-up a new meeting with a unique URL, and send it to participants via a Canvas Announcement, the Canvas InBox tool, and email, etc.