[Poll results live] Spotify 2FA a must owing to amount of personal & financial data the app collects

New updates are being added to the bottom of the story…

Original story (from Feb 27) follows:

Streaming is not only the most popular way to listen to music, but also the most convenient for many people. New features such as lossless and spatial audio have further intensified industry competition for the better.

But Spotify remains the most popular and arguably the best of them all, even with the promised HiFi support yet to arrive. This, however, doesn’t make it the perfect music streaming service, especially when it comes to security.

Spotify has been pushing for the standout spot with addition of non-music content like podcasts, but it’s still outshined by its closest rival, Apple Music, when it comes to securing the user data it collects and stores on its servers.

On its official support website, Spotify has provided a number of ways subscribers can protect their accounts and personal information.

On the list are basic measures like using a secure password, relying on device security through regular firmware updates and anti-virus programs, removing access to 3rd-party apps and logging out from public devices.

Conspicuously missing from the list is two-factor authentication, also known as 2FA. Essentially, 2FA provides an extra security shield against any illegal attempts to access online accounts. One has to prove who they claim to be, even if they have the right password.

With two-factor authentication, a username and password aren’t enough to log one into an online account. Besides the two, one still has to provide more information about who they are, what they know or have.

The additional info can be a random code sent to your personal phone number via SMS, an answer to a “secret question” or even a fingerprint. A compromise to any of these factors and access to the account will be denied.

This is what you get with Spotify’s closest rival, Apple Music. Enabling 2FA prevents hackers from stealing accounts and with reduced or no reports of hacked accounts comes less work for Apple Music support.

The same cannot be said of Spotify, though. In fact, two men were earlier this month sentenced in the UK after being found in possession of details for over 64,000 credit cards belonging to various Spotify, Apple and Netflix users.

There have been plenty of similar cases for Spotify users in the past, where accounts were hacked and personal info traded on the dark web for as little as $1.

To date, we still have reports of these hacking cases doing rounds. And to prevent a repeat of such occurrences, UK police recommended turning on security measures like 2FA on Netflix, Apple and Spotify accounts.

Still, despite the massive resources, Spotify lacks this function. Having two-factor authentication is the most basic step Spotify can take to mitigate this hacking issue, but the company remains mum on the subject.

The last time word on 2FA support came from Spotify was back in 2018 when the company responded to a feature request, noting that it was exploring the possibility of supporting 2-factor authentication.

Over 7000 votes and hundreds of comments later but still nothing. On the brighter side, the feature request is still marked as “Under consideration”, which should give Spotify users some hope.

Nonetheless, for a company that collects plenty of personal and financial info from users on both free and premium accounts, it’s just unacceptable that Spotify doesn’t have 2FA to protect this data from prying eyes.

Sure, two-factor authentication isn’t enough in today’s world, but according to cybersecurity analysts, most ransomware attacks could have been prevented if target organizations had systems that support multi-factor authentication.

If anything, this function is no-longer an option but a must-have security measure if Spotify is any serious about protecting user data and preventing future hacking incidences.

I know there are tools like Google Authenticator that can serve the purpose, but you shouldn’t need an extra app on your phone for a function that could easily be baked right into the service itself.

Hopefully this changes soon, perhaps even with the much-anticipated HiFi support that has remained elusive for quite some time. Only time will tell.

Be sure to chime in with your thoughts via the comments section. You may also vote on the Twitter poll below, with the results to be revealed after a week.

The results for the poll are live, with a clear majority (over 70%) of those who voted agreeing that Spotify should add support for two-factor authentication (2FA).

In case you missed the poll, you can still share your thoughts in the comments section at the bottom of this page.

PiunikaWeb started as purely an investigative tech journalism website with main focus on ‘breaking’ or ‘exclusive’ news. In no time, our stories got picked up by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and many others. Want to know more about us? Head here.