This post has been updated. It was originally published on April 26, 2021.
Zoom’s end-to-end (E2E) encryption is great news for those who care about their privacy and security online. But the feature is not enabled by default, so you might still be connecting with friends, family, and colleagues through the video calling program’s less-than-perfectly-secure standard encryption protocol.
And listen, that’s… fine, but you deserve the best.
Why should you enable E2E encryption
On their own, encrypted communications are a jumble of incomprehensible characters that require a key to translate that mess into intelligible text messages, audio clips, or video calls. The main difference between types of encryption is where the keys are generated, managed, and stored.
Zoom’s default AES 256-bit GCM encryption, for example, generates keys on the company’s own servers. This means the contents of your team’s daily staff meeting still travel from your device, through the internet, and to your colleague’s laptops or cellphones in a secure way. But because Zoom controls the key to that communication, they could technically decrypt that “funny” story you told about your cat—and how none of your teammates laughed at it. On a more serious note, it also means anyone who gains access to Zoom’s servers—from a hacker to a government agency—could see what you’ve been talking about.
By enabling E2E encryption, your device (and the devices of everyone on the call) generates, manages, and stores the key to your communications. This means that Zoom’s servers only receive a bundle of unintelligible code that they then direct to its final destination. The company never sees what you said, the photo you shared, or that story you wish you could un-tell.
Why E2E encryption is not automatic on Zoom
As of now, when you enable E2E encryption on Zoom, you automatically lose access to a bunch of other features. This includes the ability to join a call before the host, cloud recording, live streaming, and live transcription. Others, like one-on-one private chats and meeting reactions, are disabled depending on what version of Zoom you’re running.
The functionality has other limitations as well. Only people using Zoom Rooms, the desktop client, or the mobile app are able to hop on E2E encrypted calls, leaving behind users who dial in or connect through third-party clients like Lync or Skype.
[Related: 6 secure alternatives to WhatsApp]
When Zoom announced the arrival of E2E encryption back in October, one of the stated benefits was that it would be available for both paying customers and those using the app for free. But there’s a trick here: to use this new encryption, freeloaders will have to have a valid billing option on file, and verify their accounts. This means giving Zoom credit card details and phone numbers, plus a physical address, which may be a high price to pay if you highly value your privacy.
All these caveats are why Zoom is recommending users only turn on E2E encryption for sensitive communications—meetings that truly call for this extra layer of protection. But because E2E encryption is the only online protocol that totally secures your content online, it shouldn’t be optional. It should be the default.
How to set up E2E encryption on Zoom
On your computer, log into the Zoom website and click on Settings. Under the Meeting tab, choose Security and scroll down to turn on the toggle switch next to Allow use of end-to-end encryption.
When you do, a new option to choose a type of encryption will appear below—check the circle next to End-to-end encryption. If you’re not a paying user, the platform will ask you to verify your account using a valid phone number.
If you’re managing a group of users or an entire business account, the instructions are similar. Before you click on Settings, click on User Management, then Group Management. You can find more details on Zoom’s help center.
With E2E encryption enabled, you’ll see the corresponding icon in the top left corner of the screen the next time you host a meeting—it looks like a green shield with a lock on it. Click on it to check E2E encryption is enabled, and click on Verify to make absolutely sure your communication is secure. When you do, you’ll see a pop-up window with eight sets of five digits. Once all your guests are online, ask them to open up the same window. Read the numbers out loud, and if they match, congratulations—you’re now connected with the internet’s best security.
Updated on April 27th, at 2:12pm: This post has been updated to reflect that E2E encryption on Zoom is no longer a technical preview.