Announcements
The Spotify Stars Program: Celebrating Values Week!

Help Wizard

Step 1

NEXT STEP

[All Platforms][Other] 2-Factor Authentication

Spotify should, as a matter of good practice and safety, implement 2-step authentication.

 

Previously, Spotify enabled the option to log out other sessions other than the current session.

 

This would prevent hackers from stealing accounts, which would additionaly lead to less account hacks and less work for Spotify employees to assist in these cases.

 

More info: https://twofactorauth.org

Updated on 2018-10-18

Hi everyone, thanks for bringing us your feedback in the Spotify Idea Exchange. We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication. Any news regarding user-facing security updates will be posted to this thread as a status change.

 

If you'd like further information about protecting your account please visit our Support Site here.

Comments
thegreengrass

Wow that's horrifically unprofessional in the year 2017.

edussz

Are you kidding me?
2-Factor autentication is not a priority?
I was hacked just this month, and this is what you have to say... This is a HUGE F*ck you to customers!

Tobia

I think that Multi-Factor Authentication is very important and that you should reconsider your position when it comes to that.

wesmuis

I know I replied to this post half a year ago already, but since nothing has changed, let's do it again.

 

I saw the post where Spotify decided to not "move forward with 2FA at this time". If that doesn't scream incompetence, I don't know what does. 2FA is- most of the time- not the hardest thing to implement. And apart from new UI designs (which- are just getting worse), I don't see any reason for a "but we're busy with other stuff" excuse from the software engineer department.

 

And for something as trivial as music with payment data and personal info, that should not longer be an extra, but the default. Every big company has done it, and Spotify is not some "poor little startup"- if you are, then we have different problems- like losing our music when you go bankrupt, so I assume you aren't.

 

This is basically you saying that every one of your paying customers can sod off and you don't care about them, their data, their security or anything. They're a nice number until they get hacked, but even when Spotify gets hacked, you probably won't notice- only the customers will. So why bother?

dmakovec

Premium user here. I just fired up Spotify today to find it playing on some device called "munns ipod touch". I don't know anybody who even has an iPod touch (really, who does?), so I can only assume that either my account was hacked, or there's been some corruption of Spotify's account database. Either way, not pretty.

 

Of course I deleted the device and changed my password, but I can't help wondering why Spotify don't have a 2FA option that would eliminate this as a problem.

msephton

...because they don't care.

 

(but they should care)

gmerah

I'm a premium user. I've had my account hacked before and was luckily able to change my password and stop the hacker in time before he/she made any changes to my account. But it shouldn't have happened in the first place! It's horrifying to see how easy it is for a hacker to access my account. I was lucky to be able to stop the hacker in time, but I've seen how easy it would be for a hacker to lock you out of your account once he/she manages to get in.

 

There are no security questions, no 2-step verifications (whether by email or phone), nothing to protect our security other than constantly changing our password. Well, guess what? Passwords can be leaked. There needs to be additional security to our account, especially for premium users.

 

Why are you not moving forward with the 2-step verification? It's a huge security issue for those of us who are paying for your services.

Are this still not implemented? I've really no good words to explain how stupid this is. 

 

By not enabling us to do so is a BIG mistake by you. I hope you change your minds, and realize that you're going to HAVE to enable this for us. 

 

Most places/ sites have 2 factor authentication why not Spotify?? Do you guys not want the best protection possible for user's accounts??

Shocker_33

It's shocking that Spotify doesn't back 2FA.

 

Why would they decide not to implement 2FA? The only reason i can think of is the cost of development, which shouldn't be the reason why the implementation should be held back.