-
-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security Issues for Spotify #156
Comments
Hi,
Sad to hear. There hasn’t been any other report about this.
Apps using Spotify OAuth don’t have access to passwords and the whole login
flow (and password reset request) happens on Spotify’s domains. Thus,
password resets can be requested by inputting the username or email
address, either in Spotify’s login flow, which is always performed on their
site.
Not sure how to help out. Maybe Spotify can provide more info about where
the login request was originated from, which could help understand where
this person is trying to log in.
…On Tue 12 Mar 2024 at 21:24, timbell86 ***@***.***> wrote:
Writing to ask if anyone else has been experiencing security issues with
their Spotify account.
This is my 3rd password reset. On the previous password reset, I made a
sophistic, generated password.
This is the only allowed app on my Spotify account, so I'm kind of like
"What's going on?" at this point.
—
Reply to this email directly, view it on GitHub
<#156>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADFVSDQ2IBL773LYDSP3U3YX5P7PAVCNFSM6AAAAABES5VQDCVHI2DSMVQWIX3LMV43ASLTON2WKOZSGE4DENRQG43TIMQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Closing the issue as Spotify Dedup is secure and doesn’t have access to passwords. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Writing to ask if anyone else has been experiencing security issues with their Spotify account.
This is my 3rd password reset. On the previous password reset, I made a sophistic, generated password.
This is the only allowed app on my Spotify account, so I'm kind of like "What's going on?" at this point.
The text was updated successfully, but these errors were encountered: