Roll20 uses cookies to improve your experience on our site. Cookies enable you to enjoy certain features, social sharing functionality, and tailor message and display ads to your interests on our site and others. They also help us understand how our site is being used. By continuing to use our site, you consent to our use of cookies. Update your cookie preferences .
Create a free account

Three months refund for all paying users affected by data breach

Score + 7
Since we've had absolutely zero communication from Roll20 about the data breach on June 29th and what they're going to do to prevent yet another, I think we're all due at the barest minimum 3 free months.  Right now all I'm seeing is roll20 buying up other companies and working on features to drive more money rather than clean house and actually fix their atrocious security practices.  The request for MFA has been the highest requested feature for a long time now.  I'm getting the idea that project management there is refusing to put resources to the necessary steps to protect the information of their paying customers and only wants to put resources into things that make money.  This incident should cost roll20 money for the mishandling of our data and lack of common basic security measures.  Maybe the hit to the wallet will finally be enough to make them implement common best security practices such as MFA. I honestly expect this is going to be completely ignored by roll20, just like they've ignored requests for security for over 5 years now, no matter how many requests they've gotten for it.  I figured I'd give this a shot before I decide to pay for Foundry and start playing around with that, because I can at least secure that myself and do a better job than roll20.
B Simon Smith
Marketplace Creator
Good luck!
The most I was offered was an automated discount on my next month when I was about to cancel my Plus subscription. That sort of stuff resembles ISP practices that try to bribe people the moment they mention they're going to cancel the service due to problems from the ISP itself.
Sheet Author
DrHappyAngry said: The request for MFA has been the highest requested feature for a long time now. If I sort the suggestions forum by most popular, that suggestion is down at #10 out of suggestions not completed (if I counted correctly).  It isn't, and has never been, anywhere near the most popular suggestion.  It has less than 1/3 of the votes of the most popular not completed suggestion.
However, it is one of the longest, and especially with this data breach, one of the most important. The lack of actions after the data breach is what bothers me a lot more. And they warned about the data breach because they were required by law.