As a Roblox developer, it is currently impossible to feel safe on the platform with my assets with the current lacking security methods. Roblox has made strides in terms of account security, but when we are talking about IP and assets worth thousands and even hundreds of thousands of USD for some users, the fact that it is so easy to fool people into bypassing 2FA is indicative of the problem that Roblox needs a proper, industry-standard solution like every other major company (a solution like Duo, for example).
Personally, today, someone managed to gain access to my accounts for less than 2 minutes, regardless of 3 fail-safe systems preventing access, because the 2-factor authentication system has vulnerabilities. There is no way to verify quickly that Roblox is the authority with the 2-factor authentication page, so attacks where the attacker blind-MITMs the code are possible (and just occurred). Another example is the incident at RDC Amsterdam. The 2-factor system was totally bypassed by alleged attackers, who may have been able to intercept cookies that were travelling in plaintext across the venue.
Even if this did not occur, the fact remains that it could have and hundreds of developers could have had their accounts compromised and all their assets downloaded and sold, or worse.
I hope that Roblox decides to take a firm step into ensuring developer security. Despite the current system being technically sound, and still requiring a human error, it is too easy for attackers to use the methods described to trick people into bypassing 2FA security. There is only so much I can do as a developer to feel safe on the platform and frankly, I do not feel safe like I would on most other platforms.