Two-factor authentication (2FA) is an identity verification method that enhances security by requiring users to provide two separate forms of evidence to prove their identity and gain access to an online account or other sensitive resources.
With 2FA, users are required to enter their password and a second form of identification, which can be a one-time passcode sent via SMS or generated by an authenticator app (such as Google Authenticator or Microsoft Authenticator), or a biometric such as a fingerprint or a face scan.
By combining these two factors, 2FA significantly reduces the risk of unauthorised access, even if someone manages to guess the user’s password.
It’s unthinkable that Spotify, the world’s most popular music streaming platform with 350 million users and 150 million subscribers, doesn’t even have 2FA, one of the most basic security features, for normal users.
But that is about to change. According to some Reddit users, when they tried to log in to their accounts, they were prompted to enter a 2FA code that was sent to their email.

For now, it seems the 2FA is very rudimentary, as users can’t set up the 2FA feature for their Spotify account using a third-party authenticator app. Users have to get the code from their email.
Spotify has had a 2FA feature for quite some time, but it was only available to artist accounts. They even offer support for third-party authenticator apps and SMS delivery, so there’s no reason why they couldn’t offer the same thing to normal users.