Recently, my friend @GuestCapone has had his account compromised, and the attacker changed his email address on his account so he’s now unable to recover it himself. This is because the attackers were able to change his verified email address. I believe that additional security measures are needed here.
I believe a good measure would be an email verification code that is sent to the current verified email address. This should be required in order to change the verified email, because it’s the best way to prove that the new email is owned by the same person as the old one.
It’s not exactly what you’re asking for, but we are planning to add Two Step Verification to email address changes. You would first have to enable Two Step Verification. Then if you or someone else tries to change the email address, a code would be sent and need to be entered before the change fully takes place. We are planning to support more code delivery methods than just email. Again, this system will only work if the ROBLOX account has enabled Two Step Verification in the first place.