1. Introduction

2. Proactive Security

3. Reactive Security

4. After a Zoombombing Incident

5. Further Support with Zoombombing


This document outlines how to reduce as far as possible the risk of such intruders being able to join your meeting or class and how to respond to unwanted intruders joining an online meeting or taught session (often called Zoombombing, though not exclusive to Zoom). Zoombombing is not very common but can be distressing for you and your participants if it does occur.

If you are unfortunate enough to have an intruder join your session, this document outlines what you should do in such instances and provides links to detailed guidance.

There are two approaches to minimising the risk of disruption by zoombombing and both are important: proactive security in the settings you apply to your meeting, and reactive security when dealing with an incident.

Proactive Security

A combination of approaches and settings will significantly reduce any risk of Zoombombing occurring in your online meetings.

Choose the most appropriate platform: Zoom is popular for its performance but is the most open to unwanted externals entering sessions. Blackboard Collaborate is less likely to be zoombombed because users have to log into Blackboard to access the session. Collaborate also automatically registers attendance including how long each participant remains in the session. It is therefore worth considering security issues alongside other considerations when choosing the platform to use.

Distribute links securely: Some students and staff have shared links online via websites and social media. This makes a meeting far easier to infiltrate by a Zoombomber, Zoom now alerts meeting owners to the risk by email where possible. Links placed on Blackboard sites can only be seen by students enrolled on the site. There is also no need to email Collaborate links, as they can be accessed on-site. Likewise, WebEx and Teams links should only be disseminated via Blackboard where possible. It is also important that students know not to share links with anyone.

Allow only SHU users to join: Unless your meeting includes external speakers or collaborative partners (who will not have SHU IT accounts) consider selecting the option to allow authenticated users only so that only SHU staff and students can access. Students will need to pick the option to sign in via SSO and then input before being directed to a Sheffield Hallam login screen. Once they have done this once, Zoom should remember them for future meetings however.

Passwords: All Zoom meetings should have a passcode. Without one, automated bots can find and exploit room links. Again, only make the passcode available via the Blackboard site and change it in the event of an incident. Different passwords should be used for each room.

Waiting Rooms: A waiting room allows you to check participant names match the class list before allowing a user to enter the meeting, an effective way to stop an unknown person from entering your meetings. Note that students should be reminded to use their first name and surname when joining the Zoom room. Waiting rooms may not be practical with larger modules.

Participant Permissions: In the Zoom settings you can pre-select the permissions participants will have in meetings. You can also change permissions easily during the session in the Security tab. Choose whether participants can un-mute their microphones, use their camera, comment in the chat, and share their screen. Consider which permissions participants need based on what activities will happen in the class and disable those which are not needed.

Locking the Room: Once a meeting has started it is simple to lock your meeting room. This will stop anyone else from joining the meeting. In the event of someone disrupting the meeting, it is important that the room is locked or the waiting room is enabled to prevent them from rejoining quickly. Note if a legitimate participant drops out, they will be barred from reaccessing, so enabling the waiting room during the session may be a better option..

Reactive Security

What to do if you have a Zoombomber (or an ill-disciplined participant). In the case of a Zoombomber, do not hesitate to act immediately rather than trying to engage with them. Here are steps you can take to stop their disruptive behaviour:

Suspend Participant Activity: by clicking Suspend Participant Activity all video, audio, in-meeting chat, annotation, screen sharing, and recording will stop, Breakout Rooms will end, and the room will automatically be locked. This should be the first thing you do if you are experiencing session disruption. Doing this will temporarily disable your audio and video, but you can turn them back on. Zoom will ask you if you would like to report users, who will also be removed from the session. After removing the disruptive participant you can re-enable access to video, chat, etc.for participants via the Security tab.

Removing a Participant: in the infamous Parish Council Meeting which hit the headlines in Winter 2021, the facilitator used the option to remove a disruptive participant. This single-click option enables you to remove a zoombomber (or participant who is behaving inappropriately). Be sure to lock the room or enable the waiting room after removing a participant so there is no chance they can re-enter.

Reporting and Help: There are a few ways to report incidents and seek assistance, but if you use the Suspend Participant Activity tool, Zoom will automatically offer you the facility to report the zoombomber(s) and will automatically follow this up with you after the meeting. Zoom will then take steps to prevent repeat offences.

After a Zoombombing Incident

Apologise to your students for the disruptive incident and reassure participants that you have permanently removed the offender so that teaching can continue as usual. Depending on the nature of the incident (e.g. racist or sexist language, sexual content, etc.) some students may have be distressed by events. If so, refer them to Report and Support, a service also available to staff.

Where you suspect a student has been disruptive, it is worth reminding students that such conduct breaches both the Student Charter and the University Code of Conduct, and disciplinary action is a possibility for you to consider.

Further Support with Zoombombing

If you have further questions around Zoombombing, security settings for online sessions or need other support with using online tools for teaching and learning, please contact the Digital Learning Team at