It’s 2017, and cybercrime is always on the rise.
Sites like Google and Twitter has login history and sends a usual report to the email of the account. I feel like ROBLOX could use the same.
Many people get hacked, especially through downloading malware and bad extensions.
We already have 2FA, but the .ROBLOSECURITY cookie can bypass it.
I feel like ROBLOX should know where you are accessing the site from and show a history of it in your emails. In each entry (place where the site was accessed) there will show the location and the time, and even the IP. Users can choose to opt in or not.
If a hacker does login to your account and do bad things to it, it will show up in the logs. Even if he had a VPN and set it to Germany or something, and you live in Florida, it’d seem sketchy. Therefore when contacting ROBLOX customer support, you can simply present your proof that you were hacked and it’d make the job easier for them.
Plus, it’s a solid indicator if you were hacked.
Often, the hacker may not touch your account at all; but copy places you have, and ultimately leak them.
There’s a button in the settings saying “Send login history” in the security tab and it will do so. Of course there’s a “cooldown” because the hacker could spam your email by clicking it too much.
Also, since it is sent to your email, the hacker probably doesn’t have access to it (unless he has RAT-ted you, hopefully that’s rare ) so you could feel safe that the IP and the location you receive is privatized.
There’s also the option, aforementioned, to opt in and out of the monthly/weekly log of logins sent to your email. It’s shown as a checkbox below the “Send login history”.
I believe that this could help the security system be a bit more robust pairing this up with 2fa, and prevent future hackers from hacking other’s accounts.