Account PIN now required for transferring group

You have to remember the majority of Roblox’s user base. I would assume most of them do not have iCloud Keychain set up or even have a password manager at all. Adding something like this would create more support requests of locked out accounts because kids won’t remember how they created a 20 digit randomized password, let alone what it is.

6 Likes

What should I do if I have forgotten my account pin is there some sort fo verification I have to do to unlock it? I do not know if it is me and im blind but I can not find a topic like this can someone point me in the correct direction

1 Like

It would be great to be able to activate the pin need in other important actions like purchases

1 Like

Finally this actually came, sounds so useless yet so good.

1 Like

Awesome! I’m looking forward to this because recently one of my buddies groups was taken over after his alt account was hacked. I like to see a closer move to better security in Roblox so stuff like Group Thievery doesn’t happen in the future.

6 Likes

This definitely will lower scam rates on roblox. Good work!

3 Likes

Now if there was any way of contacting Roblox support about reclaiming a group you made but someone else got everyone kicked out and join approval locked.

Hopefully this can be used to prevent all of the owners of groups who have lost tons of funds due to someone compromising their account. A nice step in the right direction :+1:

1 Like

Can you add a feature to roblox were we can use letters and numbers for are pins to make are account’s more secure?

1 Like

This is a step in the right direction and I’m glad Roblox is starting to work on the security of the website.

Back in December, I had 700,000 Robux stolen from my account, and my group stolen. They had gotten past my 2FA, my PIN and my complicated password somehow. They had disabled my 2FA and changed my phone number before logging into my account somehow, and I didn’t get any emails stating my account had been logged into. I have no idea what caused it since I never go to any suspicious websites. It was an extremely frustrating and chaotic 2 weeks of getting my account, my group, and my Robux back with Roblox Support tickets. The Roblox support kept trying to insinuate that there was something I had done to have my account compromised, even though I explained that my 2FA and my PIN were active at the time of the incident, and I had not gone to any fishing websites or clicked on any suspicious emails/links. (I went back months in my Chrome history to see if I had accidentally clicked on anything, but found nothing. The only websites I use are Roblox, Youtube, Reddit, and some other mainstream websites)

2 weeks ago, the same thing happened to a friend of mine, but on a much lower scale. She only had roughly 1,000 Robux, but she did not have 2FA.

When the group update came out a few months ago, I was able to look at the “Payouts” page to see where all my Robux had actually gone, and found out it was laundered to THOUSANDS of different accounts in small portions of 5-20 robux each.

There are some serious security issues with the Roblox website, and thousands of people get hacked constantly from no fault of their own. I’m happy that Roblox is noticing this and making tools to make it harder for hackers to compromise accounts, but I feel like there’s a core security issue that needs to be looked at.

Edit: For developers like me who build up Robux from their games over the course of the month before I can make my next Devex, there is a dangerous amount of Robux on accounts and groups, and it is a huge loss to get compromised. I don’t know exactly what can be done about this, but this is something to consider. I don’t feel comfortable knowing that my 2FA and PIN can be breached at any moment.

18 Likes

This is great. This prevents groups from getting stolen by hackers that hack people’s accounts. :+1:

1 Like

You also have to remember that Roblox has a vast amount of developers who have valuable items, creations, and more on their account. These developers do understand what iCloud Keychain is, and use it all of the time, along with other password managers (simply using Keychain as an example). Assuming that children don’t know about iCloud Keychain is simply wrong because security and account safety should be taught to all users, no matter the age. Also, you could apply your argument to the account pin feature that was just released if you wanted to. “The majority of Roblox users don’t own valuable groups, so why require account pin in transferring ownership?” As you can see, the “no one uses it so don’t implement it at all” mentality is simply flawed when applied to a constantly evolving platform like Roblox. Just like someone could create a support request “not knowing where their iCloud Keychain password is stored,” they could also create a support request about forgetting their account pin. In the end, security features like these are necessary and users should be given the option to utilize them. If you think you’ll be careless enough to forget a 4 digit pin, fine, don’t use it, but that doesn’t mean other people will feel the same way.

7 Likes

This is a good improvement. I’m surprised this wasn’t added sooner, but nevertheless, thank you.

1 Like

THANK YOU! This was a much needed feature!

1 Like

Finally, I’ve seem so many people support this feature and its pretty cool that its a reality now.

Has roblox revealed the reason to why we aren’t allowed to change group names?

4 Likes

This is an awesome feature! As Roblox is getting bigger, so is the security, awesome!

1 Like

I just left a group yesterday because i didn’t need it anymore. If i had just waited 1 day I would have seen this amazing new feature!

1 Like

So happy with this new and much-needed addition. Thanks!

Please, please, please, add a 2fa authentication system like Discord has

12 Likes