Securing your Account PSA

When you realize you’re complaining over something Roblox went out of their way to do to help us:

My point is that it’s better to have this than not have a reminder at all. In my opinion, there shouldn’t be complaints in the thread that this post isn’t enough. At least give suggestions to improve security rather than just complaining about their efforts to help us…

I said “just on DevForum is not enough”, does it look like that every Roblox user knows and uses DevForum?

Well no. A more logical way to promote account security is over somewhere like Twitter, as more users are there. Not counting the amount of people who reply on their posts saying their accounts get compromised over scams.

Like I said, the best way right now is to spread the word.

1 Like

Sure, how about ways to prevent cookies from getting stolen? Encrypt it? Put it in a safer jar? Come on, a file can do that (steal the cookies) in three steps, there should be a way to stop it.

1 Like

We recognize the concern and are actively working on things to address this. Stay tuned for more!

8 Likes

Already taken care of.

(It’s an intentional feature)

Just a quick question, I’ve never had the option to get 2FA codes via SMS, so I feel like it’s useless? Is it a US only thing?


2 Likes

Are you using an authenticator app?

1 Like

Yes, I’m using both email and auth app, take a closer look at the screenshots. Even when I had email only, there was nothing for SMS 2FA codes.

2FA via SMS is not an option, since SIM cards are more prone to getting locked than your email address.

Moreover, if your carrier is locked you’d have to change the number when you change the phone (not going through the unlock process), and if you have a prepaid SIM, you can lose it.

Easier to change your email password than your SIM PIN.

3 Likes

I meant something else.

Never mind…

1 Like

However, 2FA via SMS could actually be an option, as you can only have one phone number anywhere in the world, unlike an email address. That’d be another way instead of using an authenticator app (in case you accidentally uninstall it and you did not save your security codes).

2 Likes

Don’t forget about SIM swapping.

3 Likes

This is incorrect. Roblox links always start with roblox.com; however, the ‘www’ is not on every page. For example, Roblox uses users.roblox.com, web.roblox.com and create.roblox.com and many more! Also, share-links don’t even use Roblox links at all! They use their own website altogether…

NO! SMS was not built with security in mind and your calls and messages can easily be tapped into.

4 Likes

What about Roblox perhaps using modern security standards like RCS only? e.g.

1 Like

Yes. There’s also events.rbx.com as well.

1 Like

Worth noting that as far as I’m aware this is only built into Android, so if you don’t have an Android device you could no longer log in. But anyway, we are drifting a bit off topic now…

2 Likes

What about mobile links and stuff? Don’t those have weird URLs?

1 Like

I appreciate u reminding us of this :smiley:

Two words: cookie grabbing. It should be mentioned that anyone suspicious, e.g. scammers, are getting players to follow a tutorial for them to just release a file that includes their cookie, for example (.HAR file).

1 Like
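The last post mentions .HAR files that include the account cookie. A HAR capture records every request and response header, session cookies included, so the following added example (not part of the thread and not Roblox code) blanks those fields before a capture is shared with anyone. The host, cookie name and token values in the sample are constructed.

```python
import json

# Headers whose values authenticate a session and must never leave the machine.
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization"}
REDACTED = "[REDACTED]"

def redact_har(har: dict) -> int:
    """Blank credential-bearing fields of a HAR 1.2 document in place.

    Returns how many values were redacted; a non-zero count means the
    capture contained session material.
    """
    count = 0
    for entry in har.get("log", {}).get("entries", []):
        for side in ("request", "response"):
            msg = entry.get(side, {})
            for header in msg.get("headers", []):
                if header.get("name", "").lower() in SENSITIVE_HEADERS:
                    header["value"] = REDACTED
                    count += 1
            # HAR also stores parsed cookies separately from the raw headers.
            for cookie in msg.get("cookies", []):
                cookie["value"] = REDACTED
                count += 1
    return count

# Constructed sample capture (not real traffic).
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {
        "method": "GET", "url": "https://site.example/home",
        "headers": [{"name": "User-Agent", "value": "ExampleBrowser/1.0"},
                    {"name": "Cookie", "value": "session=CONSTRUCTED-TOKEN-123"}],
        "cookies": [{"name": "session", "value": "CONSTRUCTED-TOKEN-123"}]},
    "response": {
        "status": 200,
        "headers": [{"name": "Set-Cookie",
                     "value": "session=CONSTRUCTED-TOKEN-456; HttpOnly"}],
        "cookies": [{"name": "session", "value": "CONSTRUCTED-TOKEN-456"}]},
}]}}

def demo():
    har = json.loads(json.dumps(SAMPLE_HAR))  # deep copy, sample stays intact
    redacted = redact_har(har)
    return redacted, json.dumps(har)

if __name__ == "__main__":
    redacted, _ = demo()
    print(f"redacted {redacted} credential values")
```

Request bodies and URL query strings can also carry tokens and are not touched here, so a redacted capture should still only go to a support channel you reached yourself.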