No, “12345678!” is not a stronger password.
Hey, there. How’s your day going? Good? Great. Hey, listen. I happened to receive a strange e-mail earlier today. For some reason, Spotify asked me to change my password. Why? Were they hacked? Do you know anything about it? No? You didn’t get an e-mail?
Spotify is now making some users change their passwords. Why, exactly It apparently has nothing to do with their own service having been breached by hackers, or their server going haywire. The real answer is because other websites keep being hacked.
This password hasn’t been exactly hot for many large websites. MySpace got hacked back in May. LinkedIn has seen better months than what it saw also last May. Russia’s Facebook VK.com saw digital traders trading accounts in the underground in June. And just to pour even more salt on an already-open wound, Dropbox was hacked on Wednesday.
The actual e-mail, first published by Motherboard, reads,
“To protect your Spotify account, we’ve reset your password. This is because we believe it may have been compromised during a leak on another service with which you use the same password. Don’t worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure.”
How exactly does Spotify happen to know if the password is the same? From the wording used in the e-mail, it seems Spotify may have gone ahead and cross-checked e-mail accounts against those that have been breached.
Business Insider has gone ahead and posted an image of what the e-mail looks like. Spotify isn’t confirming if an actual breach has occurred, with the company looking to keep users safe, or at least we hope.
‘Authenticity required: password?’ image by Elias Bizannes, licensed under Creative Commons Attribution 2.0 Generic (CC by 2.0)