FANDOM


The .ROBLOSECURITY cookie is a browser cookie used by the Roblox website to store user sessions in a web browser. Its content is a hash that is used by the website to determine what user account the user agent is logged in. This means that if a user can be tricked through social engineering into revealing the content of this cookie; users who are aware of it can log into the account of the user by creating a cookie named “.ROBLOSECURITY” with the content revealed by the user. The hash used by the.ROBLOSECURITY cookie is only valid for a limited time.

Users who gave away their .ROBLOSECURITY must immediately click the "Sign out of all other sessions". Doing this will create a new .ROBLOSECURITY cookie.

If anyone asks for your .ROBLOSECURITY cookie, don't give it to them! Additionally, if someone asks you to use Inspect Element and download a .HAR file, do not give it to them either, as that file contains your .ROBLOSECURITY cookie.

You should be very careful with what you download because they can be hidden .exe file called "stubs" which steals your cookies and could send it off to a remote server all without your noticing. Your default mode with any file should be that it is a virus / cookie logger untill proven otherwise.

Cookie loggers

Cookie loggers are malicious software, such as a JavaScript, extension, or HAR (HTTP Archive) file, that attempts to view target users .ROBLOSECURITY cookie and copy it, giving an attacker access to their account.

If you have followed the steps and do not have access to your account, try resetting your password at https://www.roblox.com/login/forgot-password-or-username

If you are unable to reset your password, contact Roblox Support from an email address that has been associated with the account. They can also recover some stolen assets, like limiteds or Robux, if this is the first time the account has been compromised.

Cookie logger removal guides

There are many different types of cookie loggers, but below is a guide to removing the most common.

Logger removal guide (Windows)

Step 1
Press the WINDOWS and R keys at the same time.
Step 2
Type %LOCALAPPDATA% into the text box in the "Run" window and press the enter key.
Step 3
Right-click on the "Roblox" Folder and delete it.
Step 4
Click on the Recycle Bin icon on your desktop then click on the "Empty Recycle Bin" button.
Step 5
Open your preferred browser and check your extensions:

Make sure every extension here was installed by you and is trusted. Pay special attention to extensions that appear to be related to Roblox. A small userbase and negative reviews can help indicate a logger. If you find a suspicious extension, uninstall it.

Step 6
Search for the 'Control Panel' by going to File Explorer, in the address bar, search "control panel" then clicking "Control Panel".
Step 7
Under "Programs", click "Uninstall a program".

Make sure all programs here were installed by you and are trusted. Pay special attention to programs that appear to be related to Roblox. If you find a suspicious program, uninstall it. However, do not uninstall programs by Microsoft. Some of the programs by Microsoft are necessary for your computer to function correctly; if deleted, it may cause future problems to your computer.

Step 8
Scan your PC using an installed antivirus that you trust. Windows Defender will usually be fine, but for extra security use the free version of Bitdefender, Avast or Malwarebytes. (Microsoft also has a great list of 3rd party antivirus software that they trust and recommend, but most are paid software.)
Step 9
Go to roblox.com in your browser. Log in,  reinstall Roblox, reset your password and email in your settings, log out and then back in, and press the "Sign out of all sessions" button in your settings.

Logger removal guide (iOS)

Cookie Loggers most likely are installed with external files. Here is how to remove these:

  1. Go to the Files app
  2. Tap on Show All and then tap on select
  3. Search for files that are .exe programs and that they are related to ROBLOX.
  4. Select a suspicious file and delete it. Make sure to double-check the file first, because choosing the wrong file could destroy your device. 
  5. You might also reinstall Roblox after changing your password and logging out.

Logger removal guide (Android)

Community content is available under CC-BY-SA unless otherwise noted.