Allow Robux spending to be locked behind account PIN

I’m requesting this feature because as a developer from a country that does not use USD, it is often better for me to keep Earned Robux in my account instead of directly cashing out, due to exchange rates at the time and whatnot.

Although I keep my account as safe as possible, it still bothers me that anyone could spend my Robux if they somehow got access to it.

It’d be a great extra layer of security to have a Privacy/Security toggle to only allow Robux spending in the period where the account PIN is unlocked.
This would be useful not only for account safety, but also for parental control of their child’s spending, even after the Robux has been purchased.

Ideally, it could also ask for the PIN every time the user attempted to make a purchase so it’s not necessary to open settings (similar to what App Stores already allow you to do), but the Toggle in settings would already fulfill my request.

55 Likes

Account PIN is a parental control feature; it performs poorly as a security feature. A PIN only has an entropy of 4 digits and is a static value.

I think what you want to request (you might want to edit title/description of your post) is to have a 2FA code check before spending (large amounts of) Robux.

9 Likes

I figured Account PIN would already work for what I requested and it would be an extra feature for parental control. Roblox already asks for 2FA on large amounts of Robux being paid out from group funds, but large amounts are relative.

Ideally, it could also ask for the PIN every time the user attempted to make a purchase so it’s not necessary to open settings.

This would also be quite annoying if it were to be 2FA.
Although 2FA would certainly be safer, account PIN would still be an extra layer of security, even with that being a tradeoff between ease of use and safety.

5 Likes

To be absolutely clear what I mean: it would provide no actual security. If someone compromises your account, they can silently do PIN attempts without you knowing for a few hours/days in the background and automatically transfer out your funds once they crack it. It only takes ~5000 attempts on average to crack if humans were truly random in choosing 4-digit PINs (which they are not). At only 1 PIN check per minute, they would crack the account in ~3 days.

PIN is not a solution to sophisticated abusers, and is categorically a bad decision because PIN is meant for parental control. It would be a waste of engineering effort for Roblox to pursue this path. It should be 2FA-based.

5 Likes
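The estimate in the reply above, worked through as an added example that is not part of the original thread. It compares a static 4-digit PIN with a code that changes between guesses, and shows what a lockout does to the timeline; the 6-digit code size and the 5-failures/60-minute lockout are assumptions chosen for illustration, not Roblox's actual behaviour.

```python
"""Model of guessing a static PIN vs. a rotating code (added example)."""

PIN_SPACE = 10 ** 4    # 4-digit account PIN, as in the thread
CODE_SPACE = 10 ** 6   # assumption: 6-digit 2FA code, new value before each guess
MIN_PER_DAY = 24 * 60


def expected_guesses_static(space):
    """Mean guesses to hit a fixed secret when no guess is ever repeated."""
    return (space + 1) / 2


def p_found_static(space, guesses):
    """Chance a fixed secret has been hit after `guesses` distinct tries."""
    return min(guesses, space) / space


def p_found_rotating(space, guesses):
    """Chance of at least one hit when the secret is re-drawn for every guess."""
    return 1 - (1 - 1 / space) ** guesses


def days_to_expected_hit(space, per_minute=1.0, burst=None, lock_minutes=0):
    """Days until the expected guess count is reached against a fixed secret.

    burst / lock_minutes model a hypothetical lockout: after every `burst`
    failed checks, further checks are refused for `lock_minutes`.
    """
    guesses = expected_guesses_static(space)
    minutes = guesses / per_minute
    if burst:
        minutes += int((guesses - 1) // burst) * lock_minutes
    return minutes / MIN_PER_DAY


if __name__ == "__main__":
    three_days = 3 * MIN_PER_DAY  # checks made in 3 days at 1 per minute
    print(f"static PIN, 1/min: {days_to_expected_hit(PIN_SPACE):.2f} days")
    print(f"static PIN, lock 60 min per 5 failures: "
          f"{days_to_expected_hit(PIN_SPACE, burst=5, lock_minutes=60):.1f} days")
    print(f"P(found) after 3 days, static PIN: "
          f"{p_found_static(PIN_SPACE, three_days):.3f}")
    print(f"P(found) after 3 days, rotating code: "
          f"{p_found_rotating(CODE_SPACE, three_days):.4f}")
```

Under this model a lockout only stretches the timeline for a static secret, because every failed check still eliminates one candidate; against a value that changes between checks, failures eliminate nothing.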

You’re right, however on the parental control side, this feature would still be useful (and could still be used by the average user), even if it might not be the best for my concern in regards to security. Perhaps it’d be best to make another feature request later on for Roblox to request 2FA before spending large amounts of Robux on accounts too instead of only groups.

5 Likes

The considerations are entirely different from a parental control perspective, so it would need its own thread. Parents likely have a need of a spending limit system for their kids instead of just locking behind PIN.

2 Likes

Thanks for sharing the ideas and feedback, we’ll pass this along. The team is working on safety features related to spending so stay tuned.

18 Likes

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.