This post was flagged by the community and is temporarily hidden.


Hopefully this helps anyone, and for anyone who is reading thinking “Well I already know everything about security”, you should read this anyway, as there is probably a lot if info you’re missing.
Also, open the hidden details areas, as there is a lot more than you think there.

Hopefully this helps, thanks!

1 Like

Wow that most of token you awhile to write thanks for taking your time to help us all!


I would highly suggest organizing this tutorial. Use this to help you: Developer Forum Formatting Guide - Forum Feedback - DevForum | Roblox

I just realized that Roblox doesn’t haven have their own tutorial for keeping your account safe. :flushed:

I can relate to the pain of typing on a phone.


Yep it took quite a while to write, your welcome for helping and thanks for the compliment!

Sure will do, a large portion of this was done on my phone, but I will definitely organize this more! Thanks!


1 Like

I believe I’ve fixed the problem that this post was flagged for, if not then please contact me through dms.

Intresting but wouldn’t 2 step verification just be necessary and not expose your email.

I don’t see an option to add a recovery e-mail in settings.

The official google guidelines say this (for gmail)

" 1. Go to your Google Account

  1. On the left navigation panel, click Personal info .

  2. On the Contact info section, click Email .

  3. From here, you can:

  • Add a recovery email.
  • Change or delete your recovery email: Next to your email, select Edit
  1. Follow the steps on the screen."
1 Like

What?.. Roblox… has no backup email. Only one email can be used per account

Quick tip for anyone reading this, people like me or linkmon99 use seperate individual emails for each service keeping scams / phishing emails easier to detect.

This contradicts itself. Definitely don’t make use of easily guessable dates or the last 4 digits of your phone number. These things can be found out and will be possibly tested.

You should always secure your accounts as much as you can. It would be very wrong to let your security down because you assume that you are not at risk. I also don’t recommend using any sort of verification (especially when it comes to account recovery) that makes use of your phone number (SMS and calling) if possible. There have been known attacks with that.

When it comes to passwords you should just simply use a password manager.

That simply isn’t possible.

Installing extensions can dramatically increase the risk of you being compromised. You should keep extension installations to the minimum.


I think you misunderstood, I meant making a recovery email for the email you verify your account with.


I believe they do, though not all the info there is included, of course they list things like to keep a secure password, though I felt like I should make this as I saw more activity in compromising accounts.

Lol, lets remain nice, I don’t believe anything with this was wrong, though I’m currently waiting for staff to verify that it is in the clear

Thank you for informing me of that as I was unaware and it will be removed. also hi moded, kind of a fan lol

Ok, I will redo the part about the phone number things, but the reason I did multiple “levels” of security was for one (like for the noob one) to show that security that low is not going to help you our, and two because some people aren’t willing to put so much into security, like having to remember a 24 digit passcode that isn’t typed/written down, (or like the baton the hatches thing which I believe the physical chip actually costs money, and it is a hassle to set that up).
Good points though and if this is cleared by staff I will be doing a revamp to this topic, if not I may move this to bulleting board and ask for feedback through DMs.

I have a history of “fake” stories with IP addresses and how they can cut out your electricity or get your address (which I obviously know now is fake though I still don’t have full context on that power, so I will refrain from mentioning IP logging unless it is necessary in the future).

I more meant this as “trusted” extensions (like Roblox+ is trusted as it is literally made by an intern at Roblox), this was rushed sometimes and created on phone (which is why I’m doing a big revamp to this, for reformatting and fixing/clearing things up). To be fair, I think you should only need 1-3 extensions for Roblox, which to most people is to much anyway, on top of other extensions that people have.

Thank you everyone who left feedback, this will be revamped soon, and hopefully more people will learn about account security with things like this, Thanks!

Why would you ever tell someone that the longest their password should be is 6 characters? No matter how discrete their account is, you should never be promoting such poor cyber security.

1 Like

That was an example of bad security, hints the message at the end of that:

it’ll be changed, i apologize severely.

You should be more transparent about that. It would be better to format the section like so:

Is my account security bad?
If one of the following applies to you, your account is at risk no matter how popular of a user you are. You should follow the directions in this post to secure it as soon as possible.

  • My password is under 12 characters
  • I do not have a verified email on my account
  • I do not have two factor authentication enabled on my account
  • I do not have an account pin set
  • My password has no symbols i it
  • My password has no numbers in it
  • My password has no letters in it
  • My Roblox password is the same password I use for a different site
  • Etc etc
1 Like

Ok, I complied with your list, along with making some fixes to some degree with a few things from what moded said.
Like I said, soon this should be fully revamped, and again I apologize.

1 Like

Why did you remove all the offsite links, the only place those are restricted is #bulletin-board. Nice tutorial, though I don’t think Roblox lets you connect one of those physical keys to your account.

I meant the part of like the singing out of other people’s accounts, it’s not mentioned last time I went there, they just say “YEAH PROTECT IT” but if something happends they don’t say anything on their hub post thing, I think they leave that to the support team I guess.

1 Like

I think those were automatically removed, not sure, they like seem kind of bot-like.

I like the new Microsoft Edge based on Chromium, it’s pretty good. I never tested the release because I didn’t have a pc at the time, anyways now I’m just using a windows 10 computer which my dad is scared of updating because there’s sensitive stuff and it’s not “needed”.

But if the betas were good, the release is probably really good. The only downside is that myself, I use google services alot and chrome auto logins everything for google and that’s wonderful. But I never use microsoft unless it’s to complain about email stuff.

1 Like