Harden Your Zoom Settings to Protect Your Privacy and Avoid Trolls

Fight Censorship, Share This Post!

Whether you are on Zoom because your employer or school requires it or you just downloaded it to stay in touch with friends and family, people have rushed to the video chat platform in the wake of COVID-19 stay-at-home orders—and journalists, researchers, and regulators have noticed its many security and privacy problems. Zoom has responded with a surprisingly good plan for next steps, but talk is cheap. Zoom will have to follow through on its security and privacy promises if it wants to regain users’ trust.

In the meantime, take these steps to harden your Zoom privacy settings and protect your meetings from “Zoombombing” trolls. The settings below are all separate, which means you don’t need to change them all, and you don’t need to change them in any particular order. Consider which settings make sense for you and the groups you communicate with, and do your best to make sure meeting organizers and participants are on the same page about settings and shared expectations.

Privacy Settings

Make Sure Chat Auto-Saving Is Off

In your Zoom account settings under In Meeting (Basic), make sure Auto saving chats is toggled off to the left.

The autosave chats setting toggled off to the left

Make Sure “Attention Tracking” Is Off

In your Zoom account settings under In Meeting (Advanced), make sure Attention tracking is toggled off to the left.

The attention tracking setting toggled off to the left

Use a Virtual Background

The space you’re in during a call can expose a lot of information about where you live, your habits, and your hobbies. If you’re uncomfortable having your living space in the background of your calls, set a virtual background. From the zoom.us menu in the top right corner of your screen while using Zoom, navigate to Preferences and then Virtual backgrounds.

Best Practices for Avoiding Trolls

With Zoom now more widely used than ever, the mechanics of its public meeting IDs have allowed bad actors to invade people’s meetings with harassment, slurs, and disturbing images. When you host a meeting, consider taking the steps below to protect yourself and your participants from this “Zoombombing.”

Bad actors can find your meeting in one of two ways: they can cycle through random meeting IDs until they find an active one, or they can take advantage of meeting links and invites that have been posted in public places, like Facebook groups, Twitter, or personal websites. So, protecting yourself boils down to controlling who can enter your meeting, and keeping your meeting IDs private.

Keep the Meeting ID Private

Whenever possible, do not post the link to your meeting or the meeting ID publicly. Send it directly to trusted people and groups instead. 

Set a Meeting Password, and Carefully Inspect the Meeting Link

In your Zoom account settings under Schedule Meeting, toggle Require a password when scheduling new meetings on to the right. You’ll find additional password options in this area of the settings as well.

Several password settings toggled on to the right

You can also set a password when scheduling a meeting from the Zoom desktop app by checking the “Require meeting pass” checkbox.

BEWARE, however, that Zoom passwords can behave in unexpected ways. If you use the “Copy Invitation” functionality to copy the meeting link and send it to your participants, that link might include your meeting password. Look out for an unusually long URL with a question mark in it, which indicates it includes your meeting password.

If you plan to send the meeting link link directly to trusted participants, having the password included in the link will be no problem—but if you want to post the meeting link in a Facebook group, on Twitter, or in another public space, then it means the password itself will also be public. If you need to publicize your event online, consider posting only the meeting ID, and then separately sending the password to vetted participants shortly before the meeting begins.

Lock Down Screen Sharing

In your Zoom account settings under In Meeting (Basic), set Screen sharing to Host Only. That means that, when you are hosting a meeting, only you and no other meeting participants will be able to share their screen.

The screensharing setting set to host only

Depending on the calls you plan to host, you can also turn screen sharing off entirely by toggling it off to the left.

Use Waiting Rooms to Approve Participants

In your Zoom account settings under In Meeting (Advanced), enable Waiting room by toggling it on to the right. A waiting room allows hosts to screen new participants before letting them join, which can help prevent disruptions or unexpected participants.

The waiting room setting toggled on to the right

Lock the Meeting

When you are actively in a meeting and all your expected participants have arrived, you can “lock” the meeting to prevent anyone else from joining. Click Participants at the bottom of the Zoom window, and select Lock Meeting.


Fight Censorship, Share This Post!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.