Announcements

Help Wizard

Step 1

NEXT STEP

[All Platforms][Other] 2-Factor Authentication

Spotify should, as a matter of good practice and safety, implement 2-step authentication.

 

Previously, Spotify enabled the option to log out other sessions other than the current session.

 

This would prevent hackers from stealing accounts, which would additionaly lead to less account hacks and less work for Spotify employees to assist in these cases.

 

More info: https://twofactorauth.org

Updated on 2018-10-18

Hi everyone, thanks for bringing us your feedback in the Spotify Idea Exchange. We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication. Any news regarding user-facing security updates will be posted to this thread as a status change.

 

If you'd like further information about protecting your account please visit our Support Site here.

Comments
walp
Calm down. Not being wise, just helping you not looking stupid in front of
a court but okay, shoot the ones that are on your side..
t3chfre4k

Well, this isn't court. But thanks goose for having my back not making me look stupid in a presumptive court by making me look stupid in a public forum instead. Well, I reformulated what I meant so I hope that sorted any uncertainties. And yes I'm calm, but I'm tired of Spotify and their sh*t, and on top of that I'm not here to be outwitted by other users. I'm here to try to solve a problem for myself and others, as this is a forum where the users should stand together against Spotify. Read back if you'd like to see my capabilities on legal technicalities.

I'll take it as you wanted to help out then. No hard feelings.

walp
Oh boy these guys. Nvm, good luck then.

I feel like this is seriously needed for them as I have had my account hacked twice now.

p2oi3x_-o0lkl

Bump, +1 for YubiKey support please; and a +10 for no pointless SMS implementation

 

Edit:

I've just noticed this was requested in Jan 2015... for a company dealing with payment information it's a joke that some form of MFA hasn't been implemented, especially given how trivial it is. Yes, YubiKey support is an extra hurdle; but TOPT has long been standardised.

Jekkelock

Is this a joke?

I can develop a simple 2fa system as a first year computer science student. And they PAY these people with years of experience to have useless meetings while they cant add a core security feature since 2015. Elon should buy spotify and fire 85% of the staff there

aidanhak

How is it that Artists can enable 2FA on the same exact page as users, but we still don't have 2FA yet as users? What the heck is the hold up?

ParentalControl

Maybe even utilizing passkeys from apple and chrome.

 

Or allow us to use a single sign in like Apple or Google exclusively without having to have a password. Thus allow us to disable the password portion of Spotify 

Flagg2kj

It seems that because of the fact that Spotify users are able to sign out of their account from all existing devices instantly, Spotify may think this is more than enough “security” and it’s better than nothing.  
Spotify: “Hey, be happy you have crossfade!”

Soebren

I really do not understand why you are not doing it, you are just postponing it by saying "we have passed it through to the security team etc etc".

At this point Spotify does not have a good excuse or/and reasoning for not providing the multi factor auth option. 

The budget is there, the necessity for the technology is there, the people that want it are here. The only thing that is not there is Spotify that can't get their priorities straight. 

As an IT'er and someone to whom music means a whole lot, I am constantly being tempted to change music platforms, and it will not take very long before I change.

Artists that are way underpayed, Spotify Connect that has a clear limit on the amount of devices to whom the qeue is synced, No option to see logged in devices, no MFA, absolute garbage shuffle algorithm...