If you’re opening it on Android and clicking the last option, use your phone as a security key, that also works, or I believe you can scan a QR code but that’s annoying since in my experience for having that for Google, it requires you to scan it every time.
1 Like
True, but that doesn’t mean you can’t improve account security with more options available. 
1 Like
If I sign up with this for Face ID on my phone can I also use a key on my computer?
You can have up to 5 keys on your account, so as long as you don’t have 5 phones with faceID attached.
2 Likes
Isn’t this change completely useless if someone has your ROBLO_SECURITY token?
If someone logs into an account by using a cookie on a new IP address it should prompt the user to verify. This would resolve the vast majority of account compromises.
2 Likes
ROBLOSECUURITYs are IP region based. If you try to use a ROBLOSECURITY token in a different region it’ll automatically invalidate the ROBLOSECURITY, even if you don’t have 2FA enabled. Which is a great update for most of the player base, but annoying for people who use vpns (ik they aren’t supported on roblox) and some developers using the old apis.
You can read more about that annoucement here:
2 Likes
Can you explain how the security USB thing works please? I dont understand how it works
Plug in your Yubikey, press the button, done.
1 Like
Then I would really, really love an explanation as to how people still get their accounts “beamed” by people tricking them into giving their auth tokens away. Doesn’t seem to be doing anything.
If that worked as intended, it would still not prevent people using your token in the same region as you which seems very counter-intuitive.
1 Like
Well this shouldn’t be the case,
1 Like
If someone where to click a link on discord, it would look like this. So I doubt you’d fall for it
Amazing work by Roblox again!
This probably could stop most of the intruders. The evolution of Roblox account security of the last 5 years has been tremendous. Thanks again!
1 Like
More important than which YubiKey you get (for which you should definitely see railworks2’s reply), make sure you get two of them. Use one as your daily driver, and keep another at a safe location.
I often recommend you get two different ones, for both increased hardware compatibility (such as an USB-A + a USB-C one). Make sure you don’t forget to add them both to whatever website / app you’re signing up for!
9 Likes
This is amazing! Glad to see that there’s more secure options now. 
1 Like
Finally something that will protect accounts.
It’s a nice security system ngl, but the cookie called .ROBLOSECURITY still existing, while that exists it’s kinda impossible to get the account safer…
1 Like
It sort of has to exist, otherwise you’d get logged out clicking nearly anything on the Roblox website.
thats not enough with a key even if someone knows your password they cant login oh and you can still be hacked with the authenticator
1 Like
no the keys dont store in a cookie
2 Likes
This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.