I recently had to sign into my phone using this method due to the main method refusing to work.
When I go to select my main Roblox account, a not very SFW account that I have never heard of shows up.
Curious, I decide to let myself into this account on a private window to find its using my email address unverified.
I hypothesise that for accounts that have a verified email which then attempt to use a new email, this wont work
Expected behavior
Accounts with unverified email addresses should not appear here, its a security loophole waiting to happen.
Note: While a private message was sent, its no longer applicable because the situation changed