I don’t think removing a layer of security is a good idea because we have “2-factor authentication”. Cookie logging is still an issue on the site which lets a user break into an account without needing the password. Having the pin number made it more possible to recover your account upon the breach.
This is an incredibly bad change and will lead to more accounts being unrecoverable if it’s not undone.
+1 on this, the Pin feature was great as, just in case the 2FA got through, having another deterrent stopping attackers from changing account setting details was a great safety measure.
I hope a Regular or AllowFeatureRequests (or staff) happens to stumble across this post and make a Feature Request to bring back the pin in a MORE customizable way as a security feature! e.g. a pattern or question (case sensitive), or multiple layers of numbers/patterns/questions which also lets you customize settings for it
Seriously… y’all SHOULD BE ASHAMED BY DOING THIS. If you continue to remove legacy features, then I am not migrating upcoming features that replace legacy features. This is a big L.
The content maturity part is new, it can be set in settings if you are the required age. But the feature itself is not new as it was introduced as the age requirement a few months back.
tl;dr please stop saying that PIN is a good security measure and please validate your claims (although I’m sure most here won’t even try because it’s easy clout and they need something to boost their ego)
Sure, you can get around login 2FA with the auth cookie (because you skip the login process entirely) but you can’t get around any other 2FA prompts with just the cookie (at least, not as far as I know)
As rude as this will sound, I advise you to try and confirm whatever you’re saying before saying it (this also goes for like, the 300 other people who have said the same thing). 2FA is already required for critical account actions and simply trying to change your email with 2FA on already invalidates your claim
From the looks of it, this requires the account to be under 13. And if you have 2FA enabled (or are ID-verified), they won’t be able to change the account’s birthdate
There is only a finite number of PIN combinations you can have (yes, it’ll take a while due to the ratelimit but still) and, because humans are humans, most will set it to a number they can remember (the day + month of their birthday, their year of birth, etc…), which makes it even easier to get around it
Nice job. Can’t wait for 2027 when they’re gonna reintroduce the pin and call it a new feature.
Please bring the PIN back immediately, because it was used by developers and traders MORE than it was used by parents using parental controls.
The PIN was keeping everybody’s account safer and now everybody who is over 18 and doesn’t need to care about this change, because we don’t yet have kids, is just left with 1 less security layer, congratulations.
This is very poorly executed and I’m expecting this soon to backfire on Roblox.
The PIN shouldn’t necessarily be linked in any way with the Parental controls, because people over 13 were also using it.
“Just don’t install extensions, don’t click links etc.” This is a very lazy response to this entire situation. Roblox support has a very poor service of recovering accounts and if somebody uses Social Engineering skills on the customer support, they could probably breach into a few accounts.
PIN is and will be needed for the future of Roblox. Please bring it back and never remove it again. There’s absolutely 0 reason to remove the PIN safety feature just because you rebranded and re-released an already existing feature and called it new.
Great update! However, can you make it that filling out the questionnaire, if you get marked as Social Hangout, it gives your game the Social Genre as well?
Since every game that is marked as Social Hangout would surely be primarily a Social Game, so the Social Genre would be fitting.
I don’t exactly get your point… do you mean switching accounts should require 2FA? Because that wouldn’t make much sense since the account sessions are stored in LocalStorage under the “RBXASBlob” key (which means it’s entirely local)