Spotify Community

7 years and none? This night someone invaded my account. So what? What can I do else, but only change my pass? Com'on Spotify!!!

Add more security options to the main Premium Family account in order to get more secure and less annoying solution

These days i'm victim of account hacking attempts.
I have to reset my password multiple times. As i use very strong password, i think that i'm still safe but having to reset such strong multiple times on a short period of time is really annoying.

Can we consider add a security option in order to block any connection attempts from a foreign IP using an unknow device (every device should be already known from the targeted account) ?
And i mean that it could be a (un)checkable option in the security configuration of the account in order to let the ability to add a new account when travelling out the country.

The goal is to avoid having to reset password and reconnect every single device (smartphone, Google TV, computer app or browser) everytime the Spotify is detecting a hacking attempt. When using very strong password it's really pain in the ass.

Thank your for the great app and service!

Added 2FA to my WordPress site the other day. Took five minutes.

Yes, Spotify is a much larger company with much larger systems. Yes, it would take them longer than five minutes. But it shouldn't take them over five years.

According to Have I Been Pwned my personal information have been leaked trough YOUR system, the compromised data include: my e-mail adress (hopefully it got no personnal info in it since it's just secondary), my IP adress (hopefully it's just a generated one thanks to a VPN), and MY PASSWORD.

Someome just had access to all my playlists, listening history,...

In the European Union, a company's client data is protected by the the General Data Protection Regulation (RGPD in french).

As a result, a data breach exposes a company to heavy legal penalties (up to €20 million or 4% of annual turnover).

Mary mother of god, all this could have been avoided if you gave more §hit about your users' security.

Excuse my english, I'm a french speaker.

@uncoy. It's about dataleaks and stolen accounts. You can get spotify premium for 5 dollar (one-time-payment) because of stolen accounts. You get a username and password and enjoy the premium till the owner managed to dissable the payment methode.

Or they join other people with subsciption.

I know 2fa isn't fully secure but you can't get that easy acces anymore and you'll know in an instant when your password is leaked so you can change it fast. Start with 2fa via email/sms. That works aswell

I just sent spotify this message in their survey:

I'm going to gather as many people I can and file a class action lawsuit, to whom who you neglected ENISA's recommendations of using multi factor authentication stated under the GDPR law.
You're handling sensitive personal data like addresses, bank account info and PayPal billing data. It could cost you €20 million, or 4% annual global turnover in fines.
You've neglected the users demand for MFA for eight years according to the idea forum thread on this matter.

---------

So if any of you users who live in Europe and have had your accounts hacked. Please write a comment here and share your story. We need to make spotify understand what they're doing is against the law, when people clearly have been subjected to Spotify's lack of user protection by not implementing Multi Factor Authentication.

Well ain't that cute? I'm trying to help and this wise guy comes in to point things out.

Well thank you. With credentials I didn't mean your login per se, but they have the permission to rip money straight out of your PayPal account sir. Hackers are nifty and since Spotify's security is poor af, would you feel safe knowing Spotify doesn't give a flying fork about if they accidentally let things get into hacker's hands... like the ability to bill your PayPal account on the behalf of Spotify? Well, I for sure ain't feeling too excited about their blatant behavior towards their users.

PS. Thanks for the comment dude. I love the constructive ones.