Can we have an account creation cooldown?

I have been noticing quite a lot of spam accounts with the same name, yet different digits at the end, for example:

Maybe we could have an account cooldown, that looks to see how many accounts were created on that IP, and stops account creation after a certain number of accounts were made, or something like that? I know that people can use a VPN, but a hidden cooldown feature would be one idea on how to stop these bots.

If there is a feature like this on ROBLOX, maybe it could be enhanced? Like prohibiting the account creation of, say accounts with ‘worldevent’ in the title, for a period of maybe a few hours, for anyone trying to make an account with that word in the username.


Require verified email to send messages and place comments at all?

Not a fan of the idea of prohibiting account creation based on common patterns, I don’t think that’s going to work well and it will be easy to avoid.



Not that hard to get around email verification.

There are plenty of websites for temporary mail, 10mintemail is an example, setting up a custom email server isn’t super hard.

But it will slow them down…

Well considering you can’t send messages or comment without verifying your email now anyway, probably not.

1 Like

Oh, that’s cool (and at the same time it’s not because it’s not helping apparently :frowning: )

A verified email is already required for comment posting. Also the account has be 1 day old to post a comment. And we do have IP address floodchecking for account creation. All the bots you see posting comments have a verified email, have existed for more than a day, and used IP address masking to be created en masse. We know it’s a big problem that we do not have a great solution for yet.


I’m pretty sure these accounts aren’t botted. These spam links lead to phising sites so the large quanity of these accounts probably originated from people inputting their account info (or alt account info) hence some have items on their account/have older join dates.

Either way, it’s a tough system to combat and I feel like adding a captcha to messaging would help (as a temporary solution)

Edit: Just noticed their usernames, oops

not a account creation cooldown but a messaging cooldown

1 Like

this is why my messages have been friends only since 2013

1 Like

I only require they follow me.

or have it so you have to have an account older then 24 hours before you can send a message. that might help a bit as well.

No. We do not need a cooldown. We need a CAPTCHA.

A simple check mark, regardless of how many times you’ve signed up, even if it’s your first time ever landing on ROBLOX.

You should be required to click the check mark to validate you’re not a robot before being allowed to sign up. This would stop bot accounts from being created entirely.

But for creating accounts this will only slow them down a bit, they already make the accounts manually. For sending messages/commenting, captcha would help in that case.

Yes, but let’s put this in perspective here.

There is a huge corporation with hundreds of web servers constantly creating accounts, and posting spam with them to profit using their fake generator which is just a bullshit survey loop.

ROBLOX bans these accounts constantly - however it doesn’t matter at all because by the time they ban that account, 50 more are already posting spam comments on the front page games.

Do you honestly think that this company is going to continuously create hundreds of accounts manually regularly to post spam? No.

You’re correct, it won’t completely stop them. But it will slow them down so much that it isn’t a matter of “if they should do this”, it’s “why aren’t they already doing this”.

The spam rates would be cut down so much that it wouldn’t be near the issue it is now. Right now comments are useless. This could fix that.

I misread your post the first time. They do not manually create these accounts AFAIK. There’s no way they are. I can easily write a bot to create accounts with the current system. A CAPTCHA would prevent me from doing so.

Edit: there are easily tens of thousands of spam bot accounts currently. Do you honestly think they were created manually??

Edit 2: they are always very predictable usernames as well, which also supports my claim that they are not manually created. I have absolutely no belief they create these accounts manually. Show me the person spending hours making this amount of accounts and then I’ll believe you.

Commonly, the username is either a random word with a 4 digit number at the end (the biggest spam operation currently uses this). Otherwise, it is usually a word (i.e “robuxapp” or “worldevent” in this case) and then a number at the end of the username - this number is the bot number.

Accounts like “worldevent172” lead me to believe it’s the 172nd bot created for this particular spam. Did he create all 172 accounts manually?

Edit 3: More evidence to support my claim that they are not at all manually created.

So, all 200 of those accounts were created manually, in order? I personally believe a bot created them. The number at the end of the username coincides with the creation date. And, can’t leave out the fact that there is 23 pages of this.
Also, I did check. The creation date does appear to match up with the number at the end of the account. They were created in order, from 1 to 200, manually?

To clarify what I’m trying to get at here. There wouldn’t be as big of a spam problem if there wasn’t tens of thousands of accounts posting the spam. There wouldn’t be tens of thousands of spam bot accounts if there was a CAPTCHA.

This is just my two cents on the matter. A very simple solution that could be implemented quickly.

Like I previously said, this won’t solve the spam issue entirely. However, it will help ease it a ton. What’s the harm in adding a CAPTCHA to the signup page?

Take a log of the contents of the message, if there is a 90% overlap or it contains a phrase deemed considerably spammable: Website name, “15,000 Free R0Bux!” ect, the message is never delivered, the account is striked.
As an automated thing to tackle the problem at hand, after a certain number of logs these accounts should then be set to privacy mode permanently, with a roblox automated message telling them the phrase that had them shutdown. If they wish to appeal, that should be open to.

@ReeseMcBlox, how hard would it be to implement a basic version of a filter like this to messages?

Once again, though, this roots directly back to the issue I posted about - bots creating accounts.

If they did do this, the account banned would be replaced instantly. This isn’t very feasible at the moment imo.