The .ROBLOSECURITY cookie is a browser cookie used by the ROBLOX website to store user sessions in a web browser. Its content is a hash that is used by the website to determine what user account the user agent is logged in. This means that if a user can be tricked through social engineering into revealing the content of this cookie; users who are aware of it can log into the account of the user by creating a cookie named “.ROBLOSECURITY” with the content revealed by the user. The hash used by the .ROBLOSECURITY cookie is only valid for a limited time.
Users who give away their .ROBLOSECURITY are urged to change their password, log out, and log back in. Logging in will create a new .ROBLOSECURITY cookie