My account was hacked tonight, they changed both my password and the linked email address to prevent recovery. The email they used was from **bleep**.com, a site that generates temporary email addresses. In order to make these things slightly more difficult for hackers, it would be sensible to block email accounts from those types of sites (there are many, e.g. temporarymail.com, temp-mail.org, **bleep** etc.). That way they would need email addresses with at least some kind of credibility.
Updated on 2020-01-18
Hello and thanks for bringing your feedback to the Idea Exchange. We've marked this as a new idea - we've also edited slightly the title of your idea to make your suggestion more clear to other users.
Keep in mind that if your account is taken over we'd recommend following all the steps listed here, including reaching out to us. This way, a member of our support teams can take a look backstage for you.
Spotify Staff will look into this idea once it reaches the necessary amount of votes. More information about how the Spotify Idea Exchange works can be found here.