I am currently developing a game similar to many online competitive multiplayer typing games where you have to type a piece of text as fast as you can. My only worry is that it seems very easy to cheat, such as using a program to type at insane speeds the texts shown automatically, since a text label can be easily read.
Some ideas of how I’d go about securing a game like this:
Don’t let the user type too many letters in one go (to prevent copy pasting)
Don’t allow typing speeds to go above a level (such as 250 WPM (Words Per Minute)) which I’m not fond of as I know it’s technically possible to reach high speeds in short periods of time.
Randomly generating text so it’s not predictable
I know some other online typing games have a way of verifying the speeds of players by showing them images of words to type (so unless there is some intelligent AI that can read and type the words this sounds pretty good) but I don’t know if it’s the best idea for something on Roblox (uploading 100+ images of words, not very easy to do)
Are there any other ideas on how I’d prevent something like this, or have I already thought of everything?
I think good way of preventing exploits would be images. You mentioned that uploading 100+ images would not be easy to do. What about uploading letters as images sperately then displaying them in order to create words. (So you would only need 26 images)
Also keep in mind that you should name all images the same to prevent exploiters connecting letters to name of imagelabel. Also don’t verify words on client, make client fire remotefunction in order to verify so client don’t have access to final words.
You can make an exploit blocker, which allows people to not exploit. Super fast typing is what some normal robloxians do. I do not think that you should add this to a normal game, but with this game you should really put this in mind. You need to make a fast typing speed, but it’d be really hard for putting a typing speed anywhere.
If the user us typing the text into a text box then it could be exploited from a injected script.
However, if you are using Mouse.Keydown or something similar it would mean that they would have to create a custom exploit that goes beyond roblox, I dont see anyone doing it this way as that would require a more advanced injector and using multiple coding languages.
Overall if you use Mouse.Keydown or something like that your game should be mostly safe. They can try to autoclick but if you were to randomise text this wouldnt be a problem.
The other issue is people using Macros, there are some paid macros that can use image recognition and then respond in a certain way like pressing a key. As for these there isn’t really much you can do to defend against them. If there is a leader board it is likely players that have this could rise to the top if they wanted to. It would only mean that they would have to create actions for the images. But these are paid and also require a little bit of effort for them to work so just do you best to catch the majority and then manually moderate the few that get through.
You could use viewportframes and let the client arrange blocks commanded by the server in it so they create a letter. Insert noise into it by changing block colours/camera angles/artifacts/block materials
@minimic2002 Exploiters can just fire the remote instead of emulating input.
Im sure you know but a remote would be required for this anyway to get either a local gui or the users input. Remotes should be secure for data security and also anti exploit.
Creating noise would do nothing to stop exploiters as they don’t care about the brick colour or material lol. If you looked at it from a exploiters point of view. You can just do Player.PlayerGui.Frame.ViewPortGui.Object and it wont slow them down whatsoever. Change the colour all you want, if you did that as an attempt of security then rip your game.
You don’t seem to understand what the implication is. The server will only tell the client at which CFrame and with which other properties to create blocks within the viewportframe, and not which letter to assemble. The exploiter cannot read out which letter is being constructed since the client doesn’t know either. This can be circumvented by creating an algorithm which interprets the letter from the 3d object constellation. Such an algorithm would be much more complex than a two dimensional OCR one.
The server is read only to the client. The data is not changeable but readable.
This means that if I were to read “A” that means I would make the client fire A or press A.
Its not hard to understand. In terms of preventing some exploits then using that could work. But if you were to make 3D representations of each model It would be simple to make a log of the part count, sizes and relative positions. This means you can use that to figure out what it is.
I see how it is slightly more secure, but nowhere near secure enough for it to stop exploits.
Point being is, before its even been created I can already tell what the faults are with that kind of system. Now exploiters can see the workspace, and they can only change local. But they can still use the read only information to work things out.
2D or 3D, there’s only 1 axis difference in it and its still a number that can be read and analysed. If im honest im disreguading this conversation as your ideas of anti exploits are changing colours and making it 3D rather than 2D. Its Pointless.
It does a little yes. But it terms of stopping them, you may as well of not tried at all.
Data is Data, it may be read only from the server, but that Data can still be used by the client to get what the key is.
Feel free to try it, but I really dont think its going to be worth the time. Time would be better spent securing remotes and just using Mouse.KeyDown as that is more secure than a text box.