Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

Security Bug! - Restrict Spotify Connect to receive from Local Network devices only.

Security Bug! - Restrict Spotify Connect to receive from Local Network devices only.

Avatar of fhpetrone
Casual Listener
2020-08-19 06:03 PM

Unsure how this has not come up more often. Once I grant a guest access to my home network in which I have my stereo system with Spotify Connect, they can send music to it whenever they want from anywhere in the world. They can override whatever I'm listening and just stream music to my device. They can do this by mistake or maliciously. I cannot remove my device from their accounts. If I don't want this to happen, I need to ask each person to select in their apps that they only want to see those devices. But they may choose not to do so and I cannot do anything about that. I can also do the same thing conversely. If I'm in a party at a friend's house and I ask for their WiFi password, I can do whatever I want with their sound system... plus nobody will know it is me! I find this is a serious security breach.... 

Labels:
0 Likes
Reply
2 Replies

Avatar of Mario
Spotify Legend
2020-08-23 08:39 AM

Hey @fhpetrone ,

 

Thanks for reaching out about this here in the Community. 

 

If you'd like to log out of (or unlink) Spotify from partner devices (for example, your sound system), it'd be great to check the devices' manufacturer guide.

 

To log out of all web browsers, computers, tablets, and mobile devices at once:

  1. Log in to your account page
  2. Click SIGN OUT EVERYWHERE.

 

Hope you'll find this info useful. We'll be here if there's anything else we can help with!

Mario Moderator
Help others find this answer and click "Accept as Solution".
If you appreciate an answer, maybe give it a Like.
Are you new to the Community? Take a moment to introduce yourself!
0 Likes

Avatar of fhpetrone
Casual Listener
2020-08-25 05:35 PM
Hi Mario, thanks for your suggestion. However the issue is the opposite. I know how to disconnect my account or forget devices. But if a guest maliciously does not want to do it, there is nothing that will prevent them from controlling my setup from anywhere in the world. They only need to connect once to my WiFi network and send music to one of my devices. From then onwards they will always be able to send music to that device unless they "manually" choose to "forget it". As you see, it is "my" device and "they" can control it without me being unable to prevent that from happening.
0 Likes

Suggested posts

Let's introduce ourselves!

Hey there you,   Yeah, you! 😁   Welcome - we're glad you joined the Spotify Community!   While you here, let's have a fun game and get…

Staff
ModeratorStaff / Moderator/ 3 years ago in Social & Random
Read more