In my opinion roblox has some of the worst, and most dated security for accounts I’ve ever seen. It doesnt surprise me that my friend lost thousands of dollars in Robux because something like proper double authentication with an authenticator cant be bothered to be added.
As much money flows in roblox now especially with DevEx you would think we deserve higher standards in how we can protect ourselves but no. The pin in itself is an absolute joke. There are tons of places it should be to counter attackers logged in.
Yeah. To add to this there are many websites that gather leaked data into a database and you can pay a small fee access to it. If your password is the same or similar to any other account, and that website has a leak, people will get into your account. I think this is a huge source of hacked accounts. My friend got into mine this way but fortunately he did so to tell me to change it because of an XSplit leak. You definitely should use different passwords but considering the young audience there should be more activism here.
Roblox could potentially request users to reset their password on a yearly basis (required to use new password) to possibly prevent leaked database drops/caches
I personally see it as a very simple fix to group security that is absolutely doable for ROBLOX and requires no “new feature” to be created since the account pin already exists. It would reduce group/studio stealing/losses by a huge amount.
I think introducing this is a good idea. There aren’t any clear flaws in the request and as it’s in demand, I don’t see why it shouldn’t be included. If anything it makes handling groups way more secure, and fixes most, if not all of the issues associated with hacked accounts and loosing groups due to a hack.
For now, would it be feasible to move a group to an alt account that is rarely accessed? That alt account could be treated like an admin account. Sure, that alt account would have to have Premium to transfer, but at least the group can’t be stolen if a main account is compromised.
I want these sorts of features that secure any transfer of groups or even trades. I recalled Neopets having PIN #s behind sensitive site features that would change anything drastic to your account.
i strongly support this suggestion. since this happened to an close friend of mine. luckily he managed to get his group back but he lost a ton of group funds.
This is just a huge engineering failure that isn’t addressed for a long time.
If an owner of the group gets hacked and the hacker transfers the group to someone else. If the owner manages gets back their account, it’s going to be a pain to get that back, mostly in part due to Roblox’s poor customer support team.
We need this. Recently, I witnessed the groups of people close to me get compromised by hackers. From this, they emptied the group funds, and kicked all 25k members from it - he lost a year’s effort of work.
REASON THIS IS NEEDED:
Some users get tricked into giving their RobloSecurity or get tricked into files on discord / links. This is how the user I describe above messed up. This BYPASSES 2-STEP, but NOT the PIN. With this extra security, no damage could have been done to his group or its games. We rely on security to keep us all safe and without this feature it just feels so unsafe going around on your day-to-day basis knowing it could be napped from your clutches at any time - anywhere. Its crazy to be honest with you. You can Never be too safe. The more safe, the better I will feel. I’m a paranoid person.
Some people put their games under a group, and it’s ridiculous how a simple username type can transfer countless years of work in one button press without additional security or precautions. Groups should be as locked to an account as a game is under a player’s account.
Please consider adding this and add it as as soon as possible. For the safety of its users, developers - and for the safety of the platform as a whole.
