Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

[All Platforms][Other] 2-Factor Authentication

Submitted by on ‎2015-01-24 09:05 PM
Status: Under Consideration

Spotify should, as a matter of good practice and safety, implement 2-step authentication.

 

Previously, Spotify enabled the option to log out other sessions other than the current session.

 

This would prevent hackers from stealing accounts, which would additionaly lead to less account hacks and less work for Spotify employees to assist in these cases.

 

More info: https://twofactorauth.org

Updated on 2018-10-18

Hi everyone, thanks for bringing us your feedback in the Spotify Idea Exchange. We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication. Any news regarding user-facing security updates will be posted to this thread as a status change.

 

If you'd like further information about protecting your account please visit our Support Site here.

See more ideas labeled with:
Comments
daniellange
Newbie
2020-07-07 11:28 PM

It's 2020... Spotify, get your ass in gear...

girlyspeaks
Visitor
2020-07-10 08:00 PM

Just like many users' frustration here, why is this feature still not implemented?

 

This has happened to me twice already. The first time, the hacker was kind enough not to kick me out of my account - they just added their own playlist. 

 

Today, I got two email notifications re: login from India and Germany at 3 am PST. When I contacted Spotify, the agent said my account was not hacked and Spotify cleans up leaking info (whatever the heck that means).

 

I told him I failed to mention the 2 emails I received, and his response was "Okay, can you reset your password now?"

 

Bad security protection for your customers, and bad spiel from your agents. 

 

I hope that Spotify will implement 2FA feature soon. Otherwise, I'll take my business elsewhere. 

joshuaen
Newbie
2020-07-11 02:59 AM

This suggestion is 4 years old and still hasn't been implemented. I know I have, personally, had attempts to takeover my own account. This feature is now almost basic and necessary for most web applications.

electronicsguy
Newbie
2020-07-13 04:59 AM

What nonsense is this?

 

We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication

 

What exactly are you "investigating"? You need 2 years to consider a standard solution? You should fire your top management.

indomie
Newbie
2020-07-14 08:43 AM

"Spotify should, as a matter of good practice and safety, implement 2-step authentication."

 

It is not "should" anymore. It's a MUST. We paid for the service and you don't take account security very seriously? Only sending "new login to Spotify" emails are not enough to stop account hacking events.

 

Get it done real quick!

user-removed
Not applicable
2020-07-14 09:49 AM

Seems like Spotify won't listening to us, so I'm gonna give you guys a few tips:

  1. Download an open-source password manager.
  2. Create a free account, and enable 2-step verification (2FA) in it.
  3. Move over to the "Generator" section. Set the password length to 64 and enable uppercase letters, numbers and symbols.

Screenshot (249).png

 

After that, login to your Spotify account with your old password. Save the login info to the password manager if prompted. The prompt will roughly looks like this:

adddd-new-site.jpg

 

Go to "Change Password", input your old password, and in the new password box right-click your mouse to generate password from the password manager. Paste in both "New Password" and "Repeat New Password".

 

Screenshot (251).png

 

And then click "Set new password". Update your login info if prompted, or update manually.

You may refer to this website to learn more.

 

That's all that I can give, and remember, don't reuse same passwords everywhere to prevent you from credential stuffing.

 

Camelia79
Newbie
2020-07-18 03:11 AM

5 years and a half and 40 pages later requesting for this thing and nothing’s done yet...

clear_jellyfish
Visitor
2020-07-18 03:35 PM

It's crazy how this hasn't been implemented. It's been FIVE YEARS, Spotify. If you truly valued your customers, this would've been implemented sooner. Just today someone logged into my account from Germany and I was infuriated that I couldn't do anything to protect my account other than sign everyone out of the device and change my password. It's 2020 and this should be an option, there is no excuse anymore.

Josh_Wobbles
Casual Listener
2020-07-21 07:27 PM

Five years.... Wow, spotify is really just coasting on cruise control with zero efforts being taken...

bjvanderwoude
Newbie
2020-07-22 12:03 PM

Spotify, this should be your number one priority. Even after my account was hacked, there is no proper way to protect your data. Off course enlarging your password and making sure it's only used for this service mitigates some of its impact or chance, but come on, how hard can this be?

Related Ideas