Bump. This would be a useful feature, here’s a better way to implement:
string Player.IdentifierHash [readonly] [notreplicated]
Roblox GUID identifier for the player's IP (handled by backend server)
Instead of giving a hashed version of the player’s IP to the client (this would literally take seconds to crack assuming it was IPv4), run the player’s IP through a database of IPs and matching GUIDs on the backend (property would be accessible only by serverscripts), and then give them the matching GUID (or create one if the IP is new). Simple! The game developers have no way of getting their REAL IP, only a unique identifier for them.
“fix your scripts to not be exploitable” is not a valid reply for a feature like this.
“this isn’t a foolproof solution, they can just use a VPN!” There’s only 4 billion IPv4 addresses out there, and I doubt an exploiter has access to even 0.0000011641532182693481% percent of those 4 billion IPs. They will run out eventually.
A huge majority of the exploiters we ban in Phantom Forces are repeat offenders using alts or completely blank (stolen?) accounts. We have no defense against them – we patch an exploit, two more get found. It takes 5 seconds to make an account, and hours for us to work on patches/automatic exploit detections. Adding something like this would be extremely useful.
That’s much easier to bypass. There’s no place on your computer you can’t access and finding which directories/registries a program reads/writes to is a trivial task.
There’s methods of finding alts, however none involves IPs or HWIDs. Another popular game studio was able to find alts using Discord → Roblox verification bots.
Anything that slows down exploiters is not futile. Exploits DO use HWID to determine the user of the exploit, and to make sure multiple people aren’t using one account for any given menu.
It’s not really safe, in fact exploiters can change it easily.
It would just cause problems because someone could just access your HDWI and get you banned, in my opinion it’s not a good idea.
“HWID” is not a built in feature of computers. This is usually just some value calculated by doing an operation (like hashing) on the serial numbers or other information of the installed hardware. It’s a concept rather than an universal value.
Exploits compute a HWID to identify because it’s good for whitelists, and because it’s not beneficial to try to mess with it if you’re already whitelisted. On the other hand, it’s terrible for blacklists, because it’s extremely easy to hook and spoof the code that retrieves the information from the hardware and randomize it or whatever. In fact, exploits already do this to avoid fingerprinting.
It’s not - the detection method here is a very basic and easily bypassable one. You literally just need to restart your PC, or overwrite the os.clock method.
It’s a relevant link (aka a reference) which backs up my point that the detection method is easy to bypass. It’s up to you what links or websites you click.
I’m not going to derail the topic by discussing this further with you.
If you don’t want to read the reference I provided, I’m not compelling you to do so. I don’t see the need to embed a page when I can link the relevant repository instead. My point stands that the RoGuard Anti-Cheat will not help the poster of this thread with their issue in any way.