[All Platforms][Other] Add some more measures on preventing fraudulent account changes.

Recently, my account email was accessed and changed by an unknown party. I get it, could have been my fault (password phishing, breaking, etc.). But, I think it could have been prevented with another factor of authentication. 

 

I only noticed the change because I check my email quite frequently. I'm afraid that if I hadn't caught the change quickly, then I would have lost all authority on my account.

 

The email that replaced MY email was very obviously a throwaway email (unpopular/unknown host site, as well as a obvious random identifying name). I think that there an be some location (IP) based authentication system that checks if you have ever logged on Spotify at that IP or in that geographical location before.

 

ALSO, you could also have some cross reference database with known host sites or some algorithm that predicts the likeliness of an email account being real (data on the account, date created, etc.). Not sure how plausible this solution is, but it seems that there would be an easier way to identify these fraudulent changes.

Updated on 2020-01-10

Hey @paxtoco 
 

It's better to post each suggestion in it's separate thread. That way, users can vote on each one of your ideas.

 

Just be sure to check out if the idea is already there. If it's not, submit it after reading the idea submission guidelines.


In the meantime, a similar idea has been suggested here:

 

https://community.spotify.com/t5/Live-Ideas/2-factor-authentication/idc-p/1017979

 

If possible, please vote for it, and add a comment there, so it may be considered. Any update on the matter should be posted there.

 

For more info on how the Ideas Board works, click here. 🙂

Comments
LoveBun
Visitor

Absolutely need another form of authentication!!

 

A very similar situation happened to me recently. Someone was logging into my account from a web player when I almost exclusively use the mobile app now. They added things to my playlists and were listening to artists I've never heard of. This happened 3 times in less than two weeks (twice in one day!). The only thing I could do was change my password to ever increasingly complex ones yet it didn't matter. After talking with the support chat, I was able to create a completely new account. If they had a location based authentication or two-factor authentication then I don't think this would have been an issue. As much as I love Spotify, I don't like that the account feels so insecure.

Rock Star 23
Rock Star 23
Status changed to: Case Closed

Updated on 2020-01-10

Hey @paxtoco 
 

It's better to post each suggestion in it's separate thread. That way, users can vote on each one of your ideas.

 

Just be sure to check out if the idea is already there. If it's not, submit it after reading the idea submission guidelines.


In the meantime, a similar idea has been suggested here:

 

https://community.spotify.com/t5/Live-Ideas/2-factor-authentication/idc-p/1017979

 

If possible, please vote for it, and add a comment there, so it may be considered. Any update on the matter should be posted there.

 

For more info on how the Ideas Board works, click here. 🙂