Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

Please fully implement "Sign-in with Apple", add ability to disable Spotify credentials.

Please fully implement "Sign-in with Apple", add ability to disable Spotify credentials.

Avatar of mil1i
Casual Listener
2020-06-13 10:18 PM

It's nice to see that Spotify has taken steps to add the feature to create a new account or link an existing account to use Apple login credentials.

 

The problem here is however, the Spotify team has not taken the full measure to implement this for its security purposes. It's neglecting its user base that has been using their service and has music curation tastes built up over the years.

 

When you create a new account with your Apple account, there are no additional Spotify credentials tied to the account. When you link your Apple account

to an existing account, the Spotify credentials remain active.

 

This means that if someone ever gets ahold of my Spotify login credentials they can still login without the need to enter the 2FA method tied to my Apple account. This entirely defeats the security purpose of linking an external OAuth account.

 

Please add the ability to disable the Spotify login credentials once linking an Apple/Google/Microsoft account to an existing account.

Labels:
0 Likes
Reply
2 Replies

Avatar of OneByBoo
Roadie
2020-06-14 09:41 AM

Hi there @mil1i,

thanks for reaching out !

 

You can find and add your +VOTE to this live idea regarding the ability to sign in with Google.

 

Furthermore, if this idea does not cover your thoughts and suggestions, feel free to post another idea following the steps provided here.

 

Spotify takes its users feedback very seriously and you can read all about how your feedback reaches Spotify factors here.

 

Let me know if you have further questions:)

0 Likes

Avatar of mil1i
Casual Listener
2020-06-14 10:52 AM

I've updated the title since you've completely skipped the main point I was trying to make.

 

It doesn't matter what external login providers are available if the Spotify credentials remain active.

0 Likes

Suggested posts

Let's introduce ourselves!

Hey there you,   Yeah, you! 😁   Welcome - we're glad you joined the Spotify Community!   While you here, let's have a fun game and get…

Staff
ModeratorStaff / Moderator/ 3 years ago in Social & Random
Read more