[All Platforms][Other] 2-Factor Authentication

Spotify should, as a matter of good practice and safety, implement 2-step authentication.

 

Previously, Spotify enabled the option to log out other sessions other than the current session.

 

This would prevent hackers from stealing accounts, which would additionally lead to fewer account hacks and less work for Spotify employees to assist in these cases.

 

More info: https://twofactorauth.org

Updated on 2018-10-18

Hi everyone, thanks for bringing us your feedback in the Spotify Idea Exchange. We’re ready to mark this idea as ‘Under Consideration’. 

 

We are currently investigating various solutions for account security for our users, e.g. 2-factor authentication. Any news regarding user-facing security updates will be posted to this thread as a status change.

 

If you'd like further information about protecting your account please visit our Support Site here.

Comments
mackoy85

Yes I think so. They should be reading these comments

SuperSluether

If Spotify adds 2-factor authentication, they need to use something more secure than SMS codes. The National Institution of Standards and Technology updated their guidelines and highly recommend against using SMS. It's unencrypted, easy to hijack, and is only as secure as the cellular service. (Case in point: someone successfully changed Verizon plan info using only the last 4 digits of someone's SSN.)

 

2FA needs something you know (password) and something you have (phone, computer, etc). Maybe they could add the feature in-app, similar to Twitter's (now unavailable) "Login Requests" which would send a request to the app when someone wants to log in.

lobor7

Yesterday my account was hacked and someone (not me) was playing from my account. Even though it was likely my fault in the end due to the usage of a very, very old password, that shall NOT be an excuse for the POOR security that Spotify provides, which is pretty disappointing. What is more important, Spotify is clearly aware of this issue (this post is quite old already) and yet NOTHING has changed. Please, improve it! Let the users control which devices can connect to the system. Add a second layer, e.g. security text code / phone call authenticator, whatsoever, while a new device tries to connect to the account and so on... Otherwise I will have to explore an alternative music service.

Hopefully someone from Spotify reads this

Nandu88

We've seen criminals selling stream services hacked account access now and then. Please reduce this risk. 2FA is a must for any service from people who care about security.

ajcormier91
Security is important. We'd like it if you supported two factor auth. twofactorauth.org#SupportTwoFactorAuth
 

 

YBlackmore

Over a year and nothing? This was the reason I cancelled my account. I work in IT, so I care about my security. The support team's response was not in a timely manner, nor did they have any idea about what happened nor who accessed from where.

 

They then proceeded to block the account a day later, and started asking for information about what playlists I had, and the last numbers of the credit card with which I was paying for the service. I quickly followed with: whoever got into my account knew this information, and proceeded to cancel and close the account. I'm now on Play Music and the only thing I miss is the PC client instead of a web page and the option to control music from another device.

 

To my not so much suppose to this date the feature has not been implemented even though there are posts from 2013 requesting this... If an online video game can do it, shame on you Spotify... shame on you

GJX

Spotify has my payment info, it should have 2FA already. Since it doesn't, it should add it. Hopefully with support for authenticator apps like Google Authenticator.

jjsoracco

 I would like to have this feature so my account is more secure.

mdbezksraxgrqao

I would also like 2-step authentication.

I hope when Spotify implements this that they would use the standard OAuth2 protocol, like Gmail or LastPass. Using this protocol protects accounts from being compromised by social engineering attacks on the telecoms. This is how many YouTube accounts were being compromised.

camo8723

I've read that people hack the accounts and resell the access. Please, Spotify, implement two-step verification.