How to reduce the risk of "Zoom-bombing" by requiring authentication
“Zoom-bombing” occurs when someone joins your virtual meeting who was not invited. It can happen because the meeting information was posted publically (on a web site or social media post), or was forwarded from an authorized attendee to someone else. Large, high-profile meetings are at risk of attracting unwanted attendees, and Zoom-bombing can be highly disruptive and embarassing.
There are a number of steps you can take to reduce the likelihood of Zoom-bombing, including limiting what participants are able to do once in the meeting (for example, do not allow non-speakers to share their screens or unmute themselves if possible).
One of the most effective methods is to require authentication, meaning all participants must be logged in with a Queen’s NetID to attend. Combined with not allowing participants to rename themselves, this not only limits attendees but prevents someone from hiding behind anonymity. You can add exceptions for guest speakers or other non-Queen’s attendees.
To require authentication:
- Sign in at https://queensu.zoom.us
- Click “Meetings” and then “Schedule a Meeting”
- Fill out the topic, start time, and duration.
- In the Security section click “Require authentication to join” and then from the pop-up that appears choose “@queensu.ca email”.
- If you need to invite someone who does not have a Queen’s NetID click “Add” next to “Authentication Exception”. Enter their name and email address. They will receive an invitation to the meeting by email with a unique join link that will bypass authentication. (It is important that they keep this email otherwise they will not be able to join. In that case, you can remove them and re-add them to trigger a new email message.)