Nowadays, it feels like Zoom is never going to give us up, remote working is never going to let us down, and we’re never going to run around anywhere again, because we’ll be stuck in a quarantine for another year. And if that’s as much Rick Astley as you need in your life right now, you’re going to want to make sure your Zoom meetings are secured from this magical meme — and anyone else who might want to jump in and cause issues.
I mention Mr. Astley, as this incredible, free service just rolled out today that allows you to rickroll any Zoom meeting you can access. I think it’s all in good fun — and given how much it’s going to be slammed and how big the rickrolling queue is going to get, I doubt it’ll last very long. Still, it got me thinking: If someone can sacrifice their Zoom account and write a little tool to rickroll random meetings, what’s stopping a person from doing something a lot more unpleasant?
Zoom is trying to prevent situations like these by forcing its paid users to adopt one of two security strategies by September 27 (previously July 19): waiting rooms or passcodes. The former is the best strategy you can use to prevent unexpected people joining your Zoom call to cause trouble or sing annoying memes — and would stop the digital Astley right in its tracks — but it becomes problematic when you have to greenlight a bunch of people if you haven’t previously whitelisted a group or domain.
In other words, if you’re paying for a Zoom account to chat with your friends or play games, you’ll have to go through the annoying process of letting everyone in your Zoom meeting each and every time you host one. However, this also makes it impossible for someone to join your meeting who you don’t want there — unless they somehow sucker you into thinking that they are one of your friends, which would be a pretty good bit of name-guessing on their part.
And then there are passcodes, which are another semi-effective way to lock your meeting from outsiders. The catch is that your meeting’s standard Zoom link already comes with an embedded password. That’s why you can jump directly into a meeting without typing anything when you click one.
You’d have to edit out the “Pwd=”....” portion of your Zoom link to force everyone to type in your meeting’s passcode to join. And that passcode isn’t the aforementioned password field from the URL; it’s the separate six-character number that you’d give people if you copied the “invitation,” not the “invite link,” when sharing your meeting.
Got it? It’s a little confusing. And it would be great if Zoom gave you a toggle that allowed you to embed or not embed a meeting password when copying its link (at least, within the Zoom app, not account-wide). Otherwise, if someone gets their hands on that link, and you aren’t using waiting rooms, they can jump into your Zoom meeting even if it’s protected by a passcode.
Were I you, I’d forget all of this right now and focus on a different setting entirely. Once you have everyone in your meeting who needs to be there — however they got in — and you can verify that there isn’t anyone else inside your meeting that shouldn’t be, just lock the room. This handy little setting via Participants > ... > Lock Meeting makes it so that nobody will be able to enter your Zoom, or its waiting room, no matter what link or passcode they’re using.
That’s it. Remember that setting and nobody will be able to join once your meeting has started — not a hacker, not a bored teenager, and not Rick Astley.