Two-factor authentication (2FA) has been a staple of many online services for years now, securing your account by not simply requiring your password, but also a one-time authentication code (that can be delivered via SMS, to your email, or generated by a dedicated app).
Spotify is very, very late to this game, but it looks like it’s finally enabled a rudimentary form of two-factor authentication for a very small subset of its normal, non-celebrity accounts, according to reports over on Reddit. We say ‘rudimentary’ because right now there doesn’t seem to be any way to turn this on or off, and you also can’t choose how it works.
So it only sends you the 2FA one-time code via email, whether you like that or not. There’s no support for 2FA code generator apps whatsoever, so it’s very, very early days indeed.
We’ll give Spotify the benefit of doubt here since this is clearly a test at the moment – the feature hasn’t even been officially announced. Hopefully it gets some more polish before it eventually becomes available for everyone.
And don’t get us wrong – this is a good start, and some 2FA is definitely better than no 2FA, especially as people have been known to log into Spotify Premium accounts using leaked credentials. Proper 2FA would prevent that, so we’re looking forward to Spotify getting there.
It knows how to do this, since artist accounts already have 2FA with support for SMS as well as third-party authenticator apps. It might just be a matter of time now for us mere mortals to get the same perks.