Account PIN now required for transferring group

Hello Developers, including the Roblox Developer Relations Team,

This is a nice change, and I’m pretty satisfied with it, since it doesn’t affect everyone and receives pretty positive comments and feedback regarding this change.

As many, many Developers mentioned, group theft is now almost impossible, since Roblox always tries to make players, and developers Roblox experience as safe as possible.

I’m happy about this change, and hope it will be useful in many different ways.

Roblox is working their way up for us, to make the imaginary platform, that David and his CEO Erik started, a more fun and safer place for all of us.

Best Regards,
CrashFacts

3 Likes

This is a great step in the right direction, but what about an account pin for group payouts and auto payouts? That would secure the group and it’s funds from being stolen.

Moving forward, requiring a pin for more things like accepting trades, selling limiteds, etc would probably get very annoying and tedious but would certainly secure accounts and make it much harder for them to be compromised and their assets stolen.

These extra security features could be toggled on and off in the settings menu for those who don’t need it, but could be a welcomed addition for those who need more security.

8 Likes

Thank you I will try and see if this works
Thank you

2 Likes

Hiya! I think this update might’ve broken the send group system. I was just sent a group, I have all permissions & stuff but it says on the “By” section on the group that it’s still owned by the previous owner. I have all the permissions as Owner but it says I’m not the owner. This is very confusing!

Group Link: Odyssey Asylum Roleplay - Roblox

Proof I hold the group :

4 Likes

I’ve seen this issue multiple times probably roblox has been glitching a lot recently.

2 Likes

Hm, yeah ROBLOX really should’ve tested around with the new pin required to send group option before releasing the update. :roll_eyes:

1 Like

@staff I suggest looking into this.

2 Likes
2 Likes

Roblox already has 2-step verification available for Roblox accounts so I think you’re pretty safe.

2-step will help secure anything that you’ve uploaded to the cloud in case that someone tries to password guess but if you are worried about local files stored on your computer, you could use “bit locker” which encrypts your entire hard drive but it’s probably a little unnecessary.

2-factor is pretty tough to crack unless someone knows your email, email password, and Roblox password. If you have 2-factor for your email, the hacker would then need to have your phone and your phone password in order to even attempt to crack the other 2-factor.

3 Likes

What about leaving a group? Do you have to put in a pin?

1 Like

Everything looks right to me. There is a role set called Owner that is not the actual owner role of the group, and the owner of the group is OdysseyManagement. Try refreshing? Might be a caching issue unless I’m missing something.

7 Likes

Yes I have see this happen before I swear its those “free robux websites”.If you checked the accounts they were all probably active user accounts not sure how they do it tho.

Roblox already logs location via IP-Address when logging in via 2FA (2 Factor Authentication), it gives you the location down to the city of the user, so that if it says somewhere you know is wrong, you know to change your password immediately. I don’t think it is intrusive if they already do it without worry.

1 Like

Pin-locking certain games would also be a great feature in case you ever get compromised.

1 Like

Great change, it was definitely needed.

I’m surprised I just learned of this today! As a major group owner, gosh, I can finally put my anxiety to rest abit more. :slight_smile:

2 Likes

Would be good, to let players without Premium to be transferred group ownership!

1 Like

This will finally put me at ease I don’t accidentally leave my group, or if I get compromised (not possible with my complex password but what if) then my group will be safe.

1 Like

Having email verification should be sufficient, and in most cases you can just link your email to a Yubikey or TOTP.

2 Likes

Finally! Ive been wanting something like this for ages.

A group I was a developer for got hacked and took 700+ USD devex worth of robux and ruined our game and economy because the owner was hacked and the group was transferred to a different account. Now stuff like this won’t happen more often.

1 Like