Secure Your Roblox Account

2) Set Up 2FA the Right Way

In Settings → Security, enable 2-Step Verification. We recommend an authenticator app (TOTP) rather than only email codes. Popular options: Google Authenticator, Microsoft Authenticator, 1Password, or Authy.

• Save recovery codes in a password manager.
• Don’t share codes. Roblox staff will never ask for them.

3) Strengthen Your Credentials

• Use a long passphrase (12+ characters) with mixed words, numbers, and symbols.
• Never reuse passwords. If reused anywhere, change that password too.
• Store passwords in a reputable password manager.

4) End Other Sessions & Check Devices

• In Roblox Settings → Security, click “Log out of all other sessions.”
• Update your devices and run a malware scan to rule out keyloggers.
• Review connected devices/browsers for anything unfamiliar and revoke access when possible.

5) Secure Your Email (Critical)

If an attacker can control your email, they can reset your Roblox password.

• Change your email password and enable 2FA on your email account.
• Remove unknown forwarding rules, filters, or backup email addresses.
• Check recent activity and sign out other email sessions.

6) Spotting Phishing & Fake Reset Emails

• Check the sender domain and links. When in doubt, don’t click—go to roblox.com/login directly.
• Never enter your password on pages reached from suspicious emails or DMs.
• Roblox employees won’t ask for your password or 2FA codes.

7) If You Can’t Access Your Account

• Try account recovery at roblox.com/login → Forgot Password/Username.
• Contact Roblox Support at roblox.com/support. Provide username, email, device info, and recent activity (but never your password or full 2FA codes).
• If your email is compromised, secure the email first, then reset Roblox password.

8) Quick Message Template to Support

9) FAQs