Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Attention! Attention! Review info on your public Trello boards!

Hi community! 


Trello is awesome product, but we need to consider security. 

If you have use the public boards publicly available on Internet you might be exposing more information than intended! See below :)

 Everyone knows the Google indexing so much info from web sites.
In fact, if you write the correct request you can get sensitive information from Trello user boards.

For example:

Also you can find for other domain and interesting phrases.



  1. Please, review info on your boards.
  2. Change passwords any other credentials
  3. Don't put sensitive info on trello boards!
  4. And push Trello support to remove indexed page from Google cache, and other search platforms like Yandex, Yahoo.
  5. If you have the Premier support, let's raise issues about stop indexing and remove from Google cache.

Hope it helps!
I will be happy if you send to other users this info.
In my opinion, so much users from the it world parse info.
Also you can help to prevent use the sensitive data just suggest some static checker on Trello side like Sonar (popup window if find word password), also stop indexing ( I mean review robots.txt).




Gonchik Tsymzhitov


Cassie Mayes Community Manager May 11, 2018

Hi Gonchik,

When a board is made public, Google is pretty good at getting the content of that board into their index. They're less good about coming back and checking that the board is still public. Once the board is made private, we are reporting the right status to Google (i.e., 404), but they need to be told that this is a permanent state of affairs, not a one-time glitch or programming error.

The request has more weight coming from a non-owner of the site than it does when it comes from the owner. You can help them realize a board is no longer public with the instructions in this article:

Submitting that de-listing request is going to be the best way to remove that listing from Google.

I hope that helps!

I see Trello does warn people about their site being indexed by Google, but maybe the default should be that the robots.txt file tells Google *not* not index the site?

@Matt Doar to my understand public boards should not be indexed. 

I hope these a few steps will be good for next step.

0. Stop indexing any boards, only blog, marketing and documenation can be indexed

1. Therefore the better way is remove from google cached indexed pages. 

2. Also I think nice feature is implement some js script which will check static phrases like ( password, credit card number, emails)

3. And the end sometime shows the good practices for the security


@Cassie Mayes thank you for the answer!



Gonchik Tsymzhitov

Hi Gonchik!

Public boards are meant to be indexed. Many organizations use them to house public development boards, planning, and more. A public board is meant to be seen by the public, and removing them across all of Trello from Google would severely impact many use cases. 

In the past, Trello has forced public boards containing login information to become private (or team visible). I am unsure if this is a regular thing they do, or if it was only done the one time. 

However, Trello is pretty clear that the boards will be visible in Google when made public. Unfortunately, many organizations don’t have great security practices and run big risks like this. It’s always good to make sure the organizations using Trello take the time to make sure our boards don’t contain sensitive information :) 

But in my opinion, it would do more harm than good to remove Trello public boards from Google’s index. Many groups use and need this feature. Instead, let’s all spread the word so we are responsible for the sensitive information we manage :)



Looks like not many person wants to clear and conert to the private board with sensitive data. 

And Trello support did not get for me any answer. 




Gonchik Tsymzhitov

I do understand the reason why some people need indexing of their public boards, but there are at least as many reasons not to index it. If I want to be able to quickly share a board with 10 people and not add the 10 people to the board and ask them to create account/login, I need to use a public board. But I may not want to have the info indexed for everyone else to see. Why not simply have the option at board creation? It's just about adding a no-index tag to the board which have it enabled...

Like Patrick Taylor likes this

Why not just implement a setting which controls indexing? Typeform does this and it's great solution to the issue

Like Gonchik Tsymzhitov likes this

I think it is pretty common for google to be indexing pages on its own. You have to disallow google to index that particular page or if you wish all of your pages. My calendar was visible on google search once, then i had to make it private.


Log in or Sign up to comment
Community showcase
Published in Trello

A Trello template to help you clean up your Confluence Space

Calling all Trello + Confluence users! We're celebrating all things Work and Wellness in our Confluence collection, where our team has been sharing activities to create more mindfulness around the ...

936 views 4 13
Read article

Atlassian Community Events