It’s become common for internet services, banks, online retail stores and other firms reporting about a possible security breach to tell users to change passwords.
But on Friday, Spotify, the music streaming service, reset some of its users’ passwords for them without a security breach of Spotify users’ data.
The company, based in Stockholm, told users about the reset in an email, prompting them to create a new password.
Why? “Because we believe it may have been compromised during a leak on another service with which you use the same password,” the company told users, as reported by Business Insider.
The Spotify email to users went on: “Don’t worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure.”
Spotify’s move may indicate the future of online security, says Gizmodo. People tend to use the same passwords for a variety of services and when one site is hacked, it could make hordes of other digital services vulnerable.
Spotify isn’t identifying which of the recent security breaches led to the decision to reset some users emails. Most recently, data from a 2012 Dropbox breach appeared online this week.
But Gizmodo says other services are starting to do the preventative password reset as well:
By analyzing publicly available password dumps against their own user database, Spotify can reset the password of users found in the dump, thus making them safe from a hackers who might exploit people’s password reuse.
There may be some bumps for Spotify to work out. Before I knew the news, I found myself locked out of Spotify Friday, but didn’t appear to get the email telling me to reset.
Photo: Daniel Ek, CEO and Founder of Spotify (Andrew Burton/Getty Images)