Having just had my account taken over by someone and recovered by spotify support - I Strongly suggest they implement this for at least changing of email addresses to prevent the account being taken over in the first place.

Especially for administrators of Spotify Family it is very neccessary to have the possibility to use 2FA!
That's by far the only point why I'm not completely confident with the Spotify service...

I work in the IT department and nearly daily I get to know someone whose account has been stolen.

It's really irremissible to add the 2FA feature as soon as possible!

Hey @ThomasVH we also think this is a good idea.

Please continue to leave your comments and kudos here and we'll post again here if we have any updates on this. Thanks!

anyone at spotify awake?

the world is crashing around us because people are not using 2FA and spotify doesn't even offer it

using a net service today without 2FA is like having sex in Zika Lands without a condom, don't do it

Why is this still not implemented? Ugh Spotify....

Is someone at Spotify actually reading the comments?

Yes I think so. They should be reading these comments

If Spotify adds 2-factor authentication, they need to use something more secure than SMS codes. The National Institution of Standards and Technology updated their guidlines and highly recommend against using SMS. It's unencrypted, easy to hijack, and is only as secure as the cellular service. (case and point when someone successfully changed Verizon plan info using only the last 4 digits of someone's SSN)

2FA needs something you know (password) and something you have (phone, computer, etc). Maybe they could add the feature in-app, similar to Twitter's (now unavailable) "Login Requests" which would send a request to the app when someone wants to log in.

Yesterday my account was hacked and someone -not me- was playing from my account. Even though it was likely my fault in the end due to the usage of a very very old password  that shall NOT be an excuse for the POOR security that Spotify provides which is pretty dissapointing and what is more important, Spotify is clearly aware about this issue -this post is quite old already- and  yet NOTHING has changed. Please, improve it!. Let the users control which devices can connect to the system. Add a second layer e.g. security text code / Phone call authenticator what's so ever while a new device tries to connect to the account and so on.... Otherwise I will have to explore  an alternative music service. 

Hopefully someone from Spotify read this

We've seen criminals selling stream services hacked account access now and then. Please reduce this risk. 2FA is a must for any service from people who care about security.