Recent hacking has been taking place a lot. It has been recently that people have lost their ROBLOX acc + emails. They wonder how people do this, as the email is hidden by ROBLOX. I have the answer. If any ROBLOX staff would like to message me, I will gladly explain the insecurity.
1 Like
Any way we can prevent them from taking our accounts in the meanwhile? Glad you figured out how the accounts are being taken though – finally we can put a rest to this.
Im not sure this is how they’re being taken- but most likely how they’re being secured, and how they access all your other stuff. Its a very dangerous loophole.
So is there no defense against it?
Nope. Only ROBLOX can sort it. I may have an idea on how they’re gaining access in the first place too.
Please do not jump to conclusions without data as all it does is cause fear. We are exploring this elevated cases in this situation. 99% of these cases are results of information being provided or phished in forms that people don’t realize. Here are two major ways you can help prevent this:
Not using the same username and password on every site or for multiple accounts on the same site. You might think you are just signing up for an innocent fan site but you never know.
Read all plug ins before installing them. Cookie sniffers are the devil.
We understand that no one wants their account stolen and we are looking to get to the bottom of what is going on. The one thing we don’t have is what an owner of a compromised account was doing prior to being taken, on ROBLOX or off. I really don’t believe there is a steal any account exploit out there and comparatively the damage has been minimal, even though it sucks to have this happen to you.
All that being said if you have any other details please share them with us.
3 Likes
I have been told you are aware of the method of securing email addresses with ease. This could be incredibly dangerous to a user if hacked.
I will PM you what I think.
for those who are worried, here are some steps you can take to protect yourself:
-
create two randomly generated passwords for your email and account. Most of my passwords consist of 64 characters randomly generated, with roblox being the exception of 20 characters.
-
use a password database, and create a unique sentence no one will ever know about you. I use an online solution called passpack, which was suggested by a friend in the it field who worked at sally’s beauty at the time. Corporate apparently used it for keeping track of their passwords.
As for making a sentence, do something like “my dogs name is Fido”, but longer and waaaay more unique to you. This is what I’ve done, and have never been compromised since.
This here, is good advise.
(Although I have 3 passwords I use on waaay more sites)
(Still, never got hacked on any of them that I know of…)
My pass was >10 chars long, I think it was sufficiently complex, I don’t think it is a case of pass-guessing, more a flaw with something else.
I saw that one comming.
I spend way too much time on the internet
1 Like
Why is everyone assuming that it was the insecure passwords to blame? I’m sure I speak on behalf of those recently affected when I say that passwords were sufficiently long and it is insulting that you assume we know nothing about securing accounts.
I have never had any other account taken apart from on Roblox. The only time I’ve had assets stolen was on Roblox so can you please take our reports at face value instead of assuming ~10 people from this forum in the past week are all crap at securing their accounts?
Sorry about the rant but I’m guessing you would act the same if a bank blamed you for someone cloning your card. But I thank the customer service team who must be having to deal with a number of these cases lately and behaving in a way that is a credit to Roblox