I found in my e-mail this legitimate password request:
I spent several minutes going over the links and the source of the e-mail and talking with another dev forum member because this looked like some kind of phish attempt. Here’s why I thought it was a phish:
-
The subject is “Roblox Account Password Reset” which, since I don’t receive these very often, it was alarming to see this subject line in my inbox, which made me believe my account had been stolen as the subject line does not specify a request. Sure, the body says it is a request, but when I opened the e-mail I was spooked and missed it.
-
The “Roblox account” is my e-mail; phishing letters tend to explain things poorly in an attempt to confuse people into doing whatever they ask, which is why the mis-match in types was suspicious.
-
The time limit. Phishing attempts often include time limits to pressure people into doing whatever they ask.
Hopefully these parts of the password reset request e-mails can be tuned to improve clarity.