[Security] 2-Factor Authentication

Spotify should, as a matter of good practice and safety, implement 2-step authentication.

 

Previously, Spotify enabled the option to log out other sessions other than the current session.

 

This would prevent hackers from stealing accounts, which would additionaly lead to less account hacks and less work for Spotify employees to assist in these cases.

 

More info: https://twofactorauth.org

Updated on 2018-10-18

Hi everyone, thanks for bringing us your feedback in the Spotify Idea Exchange. We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication. Any news regarding user-facing security updates will be posted to this thread as a status change.

 

If you'd like further information about protecting your account please visit our Support Site here.

Comments
buttonmasher
Newbie

I just got my Spotify hacked and they deleted all my playlists that I built up for years, but I was an idiot, I didn't realise that you could back up playlists. Anyway, I got them all back, I depend on spotify music to relieve stress and lift my mood and I use spotify mobile for my workouts so I was not happy when I saw all my playlists gone. Two step verification would be a great idea. :-]

user-removed
Not applicable

As of now I highly recommend Authy, they have both Android and iOS version apps available.

 

https://www.authy.com/

dshadows07
Newbie

Having just had my account taken over by someone and recovered by spotify support - I Strongly suggest they implement this for at least changing of email addresses to prevent the account being taken over in the first place.

marcusneipp
Newbie

Especially for administrators of Spotify Family it is very neccessary to have the possibility to use 2FA!
That's by far the only point why I'm not completely confident with the Spotify service...

I work in the IT department and nearly daily I get to know someone whose account has been stolen.

It's really irremissible to add the 2FA feature as soon as possible!

meahtenoha
Spotify
Spotify
Status changed to: Good idea, vote for it
Updated: 2016-06-09

Hey @ThomasVH we also think this is a good idea.

Please continue to leave your comments and kudos here and we'll post again here if we have any updates on this. Thanks!



Nethead
Newbie

anyone at spotify awake?

 

the world is crashing around us because people are not using 2FA and spotify doesn't even offer it

 

using a net service today without 2FA is like having sex in Zika Lands without a condom, don't do it

zeroxxx
Gig Goer

Why is this still not implemented? Ugh Spotify....

bleedyblue
Newbie

Is someone at Spotify actually reading the comments?

mackoy85
Casual Listener

Yes I think so. They should be reading these comments

SuperSluether
Casual Listener

If Spotify adds 2-factor authentication, they need to use something more secure than SMS codes. The National Institution of Standards and Technology updated their guidlines and highly recommend against using SMS. It's unencrypted, easy to hijack, and is only as secure as the cellular service. (case and point when someone successfully changed Verizon plan info using only the last 4 digits of someone's SSN)

 

2FA needs something you know (password) and something you have (phone, computer, etc). Maybe they could add the feature in-app, similar to Twitter's (now unavailable) "Login Requests" which would send a request to the app when someone wants to log in.