Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Attention! Attention! Review info on your public Trello boards!

Hi community! 


Trello is awesome product, but we need to consider security. 

If you have use the public boards publicly available on Internet you might be exposing more information than intended! See below :)

 Everyone knows the Google indexing so much info from web sites.
In fact, if you write the correct request you can get sensitive information from Trello user boards.

For example:

Also you can find for other domain and interesting phrases.



  1. Please, review info on your boards.
  2. Change passwords any other credentials
  3. Don't put sensitive info on trello boards!
  4. And push Trello support to remove indexed page from Google cache, and other search platforms like Yandex, Yahoo.
  5. If you have the Premier support, let's raise issues about stop indexing and remove from Google cache.

Hope it helps!
I will be happy if you send to other users this info.
In my opinion, so much users from the it world parse info.
Also you can help to prevent use the sensitive data just suggest some static checker on Trello side like Sonar (popup window if find word password), also stop indexing ( I mean review robots.txt).




Gonchik Tsymzhitov


Cassie Mayes
Community Manager
Community Managers are Atlassian Team members who specifically run and moderate Atlassian communities. Feel free to say hello!
May 11, 2018

Hi Gonchik,

When a board is made public, Google is pretty good at getting the content of that board into their index. They're less good about coming back and checking that the board is still public. Once the board is made private, we are reporting the right status to Google (i.e., 404), but they need to be told that this is a permanent state of affairs, not a one-time glitch or programming error.

The request has more weight coming from a non-owner of the site than it does when it comes from the owner. You can help them realize a board is no longer public with the instructions in this article:

Submitting that de-listing request is going to be the best way to remove that listing from Google.

I hope that helps!

I see Trello does warn people about their site being indexed by Google, but maybe the default should be that the robots.txt file tells Google *not* not index the site?

Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 11, 2018 • edited

@Matt Doar to my understand public boards should not be indexed. 

I hope these a few steps will be good for next step.

0. Stop indexing any boards, only blog, marketing and documenation can be indexed

1. Therefore the better way is remove from google cached indexed pages. 

2. Also I think nice feature is implement some js script which will check static phrases like ( password, credit card number, emails)

3. And the end sometime shows the good practices for the security


@Cassie Mayes thank you for the answer!



Gonchik Tsymzhitov

Devon Henderson
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 11, 2018 • edited

Hi Gonchik!

Public boards are meant to be indexed. Many organizations use them to house public development boards, planning, and more. A public board is meant to be seen by the public, and removing them across all of Trello from Google would severely impact many use cases. 

In the past, Trello has forced public boards containing login information to become private (or team visible). I am unsure if this is a regular thing they do, or if it was only done the one time. 

However, Trello is pretty clear that the boards will be visible in Google when made public. Unfortunately, many organizations don’t have great security practices and run big risks like this. It’s always good to make sure the organizations using Trello take the time to make sure our boards don’t contain sensitive information :) 

But in my opinion, it would do more harm than good to remove Trello public boards from Google’s index. Many groups use and need this feature. Instead, let’s all spread the word so we are responsible for the sensitive information we manage :)

Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 18, 2018



Looks like not many person wants to clear and conert to the private board with sensitive data. 

And Trello support did not get for me any answer. 




Gonchik Tsymzhitov

I do understand the reason why some people need indexing of their public boards, but there are at least as many reasons not to index it. If I want to be able to quickly share a board with 10 people and not add the 10 people to the board and ask them to create account/login, I need to use a public board. But I may not want to have the info indexed for everyone else to see. Why not simply have the option at board creation? It's just about adding a no-index tag to the board which have it enabled...

Like Patrick Taylor likes this

Why not just implement a setting which controls indexing? Typeform does this and it's great solution to the issue

Like Gonchik Tsymzhitov likes this

I think it is pretty common for google to be indexing pages on its own. You have to disallow google to index that particular page or if you wish all of your pages. My calendar was visible on google search once, then i had to make it private.


Log in or Sign up to comment
AUG Leaders

Atlassian Community Events