They check passwords against other hacks, so if you used the same email-password... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

mtmail on May 22, 2019 | parent | context | favorite | on: Ask HN: What happened to trigger my Spotify passwo...

They check passwords against other hacks, so if you used the same email-password combination somewhere else that would cause them to reset your account.

https://www.businessinsider.de/spotify-users-password-reset-... "Spotify's security team identified that some of the leaked user credentials might correspond to Spotify accounts"

philshem on May 22, 2019 [–]

My email for spotify login is unique, and of the form *+spotify@gmail.com

skinnymuch on May 25, 2019 | | [–]

I assume that’s checked for. For simple SaaS projects compared to Spotify at least, things like that were checked.

detaro on May 22, 2019 | | [–]

more or less everyone analyzing email addresses knows that pattern, so it's easily ignored.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact