I entered a wrong code 6 or 7 times (for science!) and then entered the right one, which still worked.
And with a 6-digit code, there are “only” 1,000,000 possibilities, which isn’t that much.
(and on average you’re in after 500,000 tries)
Having a limited number of tries (3 is probably more than enough, maybe even just 1) would be nice.
20 Likes
The codes need to be voided after a few minutes, in my opinion. Maybe after 5 minutes from sending the email, the old code is voided?
Edit: A timeout penalty for incorrect pin code attempts would also work well.
Something like an authenticator app would also work (e.g. Microsoft two-factor app, or Google Authenticator).
4 Likes
Google Authenticator would be a nice way to handle this.
1 Like
They already are. From the e-mail I received yesterday:
“This code will expire in 15 minutes.”
1 Like
For future use, I think it would be great if 2FA was built into the Roblox app for mobile devices (See example below):
4 Likes
Attempts to input a code aren’t unlimited. You should try doing, say, 100, and see what happens.
1 Like
What’s the actual limit?
Anything higher than 5 seems way too much.
4 Likes
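A sketch of the controls discussed in this thread (a per-code attempt cap, expiry, and voiding the code after too many wrong entries), added here as an example; it is not part of any post and not Roblox's code. The class name, the cap of 5 and the in-memory store are assumptions, and the 15-minute lifetime is the one quoted from the e-mail above.

```python
import hmac
import secrets
import time

CODE_TTL = 15 * 60   # seconds; lifetime quoted in the e-mail above
MAX_ATTEMPTS = 5     # assumed cap; the thread suggests somewhere from 1 to 5
CODE_SPACE = 10**6   # 6-digit codes


class EmailCodeVerifier:
    """Hypothetical in-memory verifier for e-mailed 6-digit codes."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # account -> [code, expires_at, failures]

    def issue(self, account):
        # A new code replaces (voids) any older one for the account.
        code = f"{secrets.randbelow(CODE_SPACE):06d}"
        self._pending[account] = [code, self._clock() + CODE_TTL, 0]
        return code

    def verify(self, account, guess):
        entry = self._pending.get(account)
        if entry is None:
            return "no_code"
        code, expires_at, _ = entry
        if self._clock() >= expires_at:
            del self._pending[account]
            return "expired"
        # Constant-time comparison of the stored and submitted codes.
        if hmac.compare_digest(code.encode(), guess.encode()):
            del self._pending[account]  # single use
            return "ok"
        entry[2] += 1
        if entry[2] >= MAX_ATTEMPTS:
            # Void the code: even the right value is rejected from now on.
            del self._pending[account]
            return "locked"
        return "wrong"


def guess_success_probability(attempts, space=CODE_SPACE):
    """Chance that blind guessing hits one code within `attempts` tries."""
    return min(attempts, space) / space
```

Issuing a fresh code resets the failure count in this sketch, so a deployment would also need to rate-limit `issue()` per account.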