Introducing 2-step verification with a second device

As someone who had to appeal for a game held by a holder group, only to be told that “the email for account MeaxisDev is not the e-mail you are sending this from”, then “the e-mail you have opened this ticket with is not the legitimate e-mail of this account” only to FINALLY, after 3 e-mails, be told that I need to submit from the holder account and not this one…

Incredible.

4 Likes

Wahoo! This is actually useful! Thank you! Does this work with other MFA methods (e.g. authentication code)?

2 Likes

While new security features are greatly appreciated, the weakest link in Roblox’s chain of security is Roblox itself.

Until Roblox finds a way to crack down upon or allow users to opt out of support tampering with their accounts, Roblox will always be the weakest link of security.

Have a strong password, pin, and 2 step?
Doesn’t matter
https://devforum.roblox.com/t/roblox-support-is-compromising-developers/2626687

Mistakes would be fine, should Roblox take action to rectify their mistakes, but they don’t.
To this day,
-50K members
in game economy ruined
game likely stored somewhere to be leaked or sold later
studio files tampered with
data had to be fully reset for many of our use cases
most of group owners badges and inventory items deleted

Roblox gave away his account and reverted nothing when it was returned.

It took days.
The only other official communication he received from Roblox was some blab about how they were sorry about the poor support experience.

3 Likes

Great update, it will prevent those account stealers from getting into our device. Anyways, thanks for the new update.

But I have a question: is there a setting to not use this feature?

4 Likes

No offense, but this is an insane question :sob::sob::sob:

4 Likes

Let me exclamatize this part

You will be asked to use a mobile or tablet device that is already logged into your Roblox account to approve or reject the login. The prompt will also provide details about the login attempt like device type, regional location, IP address, date and time. This prompt serves as an extra layer to help secure your account.

sorry I just had to do a meme

Does this mean that we won’t be able to login to our account if a mobile device isn’t logged in?

4 Likes

I would probably assume it would only show up if there is another device logged in. If it isn’t, I assume it would send the email since I’m pretty sure you are required to put an email when signing up

We are saved by two step verification

1 Like

But I could be wrong. Don’t be confident quite yet.

2 Likes

Carbon-copy: @poggodoggodude

Anytime I send a friend request on Discord from my phone, I have to do some things:

  1. Solve captcha No. 1
  2. Get logged off on all devices
  3. Log on from my phone
  4. Verify my email address
  5. Solve captcha No. 2

To send messages to my new friend, I must:

  1. Solve captcha No. 3
  2. Get logged off on all devices
  3. Log on from my phone
  4. Verify my email address a second time
  5. Solve captcha No. 4

This is happening because I use Discord’s mobile website on my phone and often browse on LTE. Maybe this is unusual behaviour.

With LTE, my IP address would be changing multiple times a day.

I don’t like downloading apps for websites which would reside on my web browser anyway.

I fear that a similar situation could happen – let’s say – if someone is using an LTE hotspot to connect their Windows machine to the internet.

2 Likes

I later found that it did some more hidden explaining inside post 1 of how it would work if you didn’t have a logged in device and it mentioned two step.

3 Likes

But wouldn’t it be more convenient anyway to just press a button to immediately open the app without fail than have to open one app and type in an entire URL and potentially mess up and have to look where you made a mistake? I mean sure, it takes up storage, but convenience matters sometimes.

3 Likes

All I have to do is navigate to https://discord.com. It is saved in my link history, so there is no need to type all of it out on my …

Surface Duo’s multimodal keyboard.


Storage also isn’t an issue for me. My phone holds 128 GiB of space. Browser apps are easier to debug (especially if you’re using Kiwi Browser).

3 Likes

oh my sigma! this is such an AMAZING UPDATE!

3 Likes

Okay, this is a really cool update, thank you. Also: SurfaceAppearance.Color when?

2 Likes

2SV really is a bad idea for… well, any company, due to Outlook banning emails for not using the account, and Roblox is refusing to remove the email from my account, making EVERYTHING impossible to do on Roblox. Can’t do group payouts. Login. Or even appeal! Microsoft even refused to regen the email.

3 Likes

Does this well need it? I know some games get hacked, but what if a hacker uses that person’s email? Then how does the guy or her get the Roblox acc back?

3 Likes

Thank you for doing more to protect the security of our accounts. We need more of this haha.

5 Likes

Oh right, unless it’s using the apps.

3 Likes

This is an amazing update, but do you plan on adding Hardware Security Keys support for mobile devices? Phones can already use them without an issue both on Android and iPhone devices, through NFC or USB-C (or even Bluetooth).

Apps like Discord allow this, which is certainly amazing as on Discord I can have only my hardware keys and disable TOTP entirely. With this change (and the login using code) there’s no reason that I can see for not allowing just hardware keys and disabling TOTP entirely.

5 Likes