In the last 6 hours, I’ve banned 45 accounts. Definitely same person (because they tried running the same exploit script/variations of it).
This cat & mouse game has been happening for the last 3 days since Monday.
Every time we have used BanAsync to ban the account, and the config is set to “apply ban to all known alt accounts”.
No accounts of theirs were ever stopped, as far as I’m aware.
It’s getting tiresome.
Alt detection is entirely dependent on Roblox having information that can connect two accounts together. This is subject to edge cases of course, namely VPNs and perhaps for example on platforms & hardware where tracking such information is harder.
Roblox alt detection is kind of a black box, intentionally so, therefore take everything I said with a grain of salt. If anything, this question belongs in Help and Feedback > Platform Usage Support.
Ban api relies on MAC address i already pointed this out before almost a year ago but roblox still didn’t patch this problem. The problem is that anyone on windows can enable random MAC addresses to bypass banasync.
If you don’t believe me feel free to try and test it and you’ll see on your own how bad their ban api is at detecting alts.
We’ve found the alt detection to be very unreliable, whatever metric Roblox is using to link accounts together is creating a lot of false positives.
When we had it on, we’d get a ban appeal every other day about a seemingly legitimate account getting flagged as an alt of another account.
It simply doesn’t work effectively for combatting bad actors with hundreds of alts. Exploiters can just hop between unlimited alt accounts without detection. The current system relies on some kind of long-term pattern matching, so it takes weeks before it matches an alt to the main (if at all). Roblox moderation/security tools are extremely lacking. Hopefully @oopsiemachine can improve upon it soon enough.
It never worked at all for me, tested it myself on a baseplate
Test place was a game with a RemoteEvent that insta bans you + a button to fire it
Banned one account and ensured ExcludeAltAccounts was false, all I did was simply go to the sign up page and register a new account and was able to join the game again, it does not require anything special, it seems it’s just that you can’t have the account in the alt switcher
roblox would literally be better off putting a random registry key somewhere containing a list of placeids a user can’t join
like yeah you could open regedit.exe and simply delete the key, but it’d be better than the current system that either takes weeks to detect an alt or does nothing