• 流覽次數:: 43
  • 分類: 產業區
  • 分享次數:
  • 作者: 音樂地圖
  • Spotify安全漏洞使陌生人進入您的家庭帳戶


    ◎「Spotify Premium Family」每月最多可讓同一個家庭的六個成員使用,每月14.99美元,比單個Premium帳戶每個9.99美元的費用便宜得多。但是,有會員抱怨陌生人闖入他們的家庭帳戶,從而使他們可以免費下載高級訂閱。
    ◎要檢查您的「Spotify Premium Family」帳戶中是否有陌生人,請前往Spotify網站,登入您的帳戶,單選“個人資料”和“帳戶”,然後選擇Premium Family後,帳戶成員將在螢幕上列出。


    Spotify customers are complaining that strangers are breaking into their Family accounts, years after the problem was first raised with the music-streaming service.
    Spotify Premium Family gives up to six members of the same household Premium accounts for $14.99 per month, which is considerably cheaper than individual Premium accounts at $9.99 each.
    However, members of the Spotify subreddit are complaining that strangers are barging into their Family accounts, allowing them to freeload on a premium subscription.
    One customer claims four stranger profiles were set up on their Family account. “No clue who they were, or how they got on my plan,” he wrote on Reddit. “I found out by accident while changing my plan. Not even sure when it happened or how long this has been going on for.”
    Several other customers in the same thread report similar intrusions, with complaints spanning back several years. Indeed, the same complaint was raised on Spotify’s own community forum as far back as 2017, with several customers complaining of the same problem then.
    Although Family account members can’t directly access each other's accounts, Spotify recently introduced a shared family playlist, which means hackers breaking into the family account could affect the shared music streams. They could also see the names of other family members, potentially children, from the Spotify website.
    Is Spotify security strong enough?
    The problem is unlikely to be the direct result of a hack of Spotify’s systems. “The underlying problem is most likely one of password reuse,” said Graham Cluley, an independent cybersecurity analyst. “It sounds like something Spotify needs to clamp down on.”
    Spotify’s security could be stronger. The service doesn’t offer any two-factor authentication, which would require a customer to enter a code sent to a cell phone or registered email account when setting up a new account, for example.
    Likewise, Spotify doesn’t notify the primary account holder when a new Family member is added, meaning freeloaders often remain undetected. “At the very least, when someone joins the family group, the head of the group should get an email asking if you want to permit another user or not,” Cluley said. “You’d want them [Spotify] to be a bit more professional and look after the userbase.”
    To check if you’ve got any strange accounts holders on your Spotify Premium Family account, visit the Spotify website, log in with your account details, click Profile, then Account and select Premium Family from the left-hand side. Account members will be listed on the screen.
    Spotify hadn’t responded to a request for comment at the time of publication.