Twitter user Jeremy M. pointed out that there's an official workaround to revoke Facebook permissions from Spotify, not mentioned on the site's support page! Instructions below.
A recent Facebook security breach put thousands of sites that use Facebook Login at risk of hacking. So, today, I tried to unlink my Facebook account from my Spotify account.
Because security! Essentially, attackers stole “access tokens” that allow full access to Facebook accounts, as well as access to accounts that use Facebook as a log-in (called “Facebook single sign-on”). In a statement, Spotify said it “has not experienced a security breach.” But removing your Facebook account as a log-in method would be a good precaution, anyway.
As it turns out, you can’t unlink your Facebook from Spotify! If you created a Spotify account with Facebook (likely), it is *forever* tied to your Facebook account.
When Spotify launched in the US in 2011, it required users to sign up with Facebook. In 2012, it quietly reversed its decision and allowed users to sign up with an email address, but it made that option available in tiny font on its registration page.
If you want to use a dedicated Spotify log-in, without Facebook, you have to create an entirely new Spotify account, and ask customer service to port your playlists over.
Yes, seriously. According to Spotify’s support page, you have to cancel your Premium subscription, create a new account, use the contact form to ask customer service to port your playlists over, and hope for the best.
And because you can’t create two accounts with the same email address, if your Facebook account is associated with your main email address, you have to close the old account before creating a new one, possibly losing all of your saved library and playlists!
Spotify did not immediately respond to request for comment.
However, there's an unofficial workaround for revoking Facebook permissions from Spotify!
First, you'll need to log out from Spotify. Then, on the log in page, click "Forgot username or password?" which will prompt Spotify to send you a password reset link.
Check your email and create a password (a strong, unique one!). After that, go to Facebook settings, and navigate to the Apps and Websites section. Select the checkmark next to Spotify and click "Remove" at the top. Facebook warns that revoking Facebook permission from Spotify may delete your Spotify account, but it didn't (at least for me). Select "Remove" again.
Go back to Spotify, log out, and try your new password. Yay!
Generally, it’s best to avoid using Facebook to log in to other sites. Download a password manager (I like LastPass), use that manager to create strong, unique passwords, and enable two-factor authentication via app, not text message (Google Authenticator is easy to set up and use).
Here’s more information on how to secure your accounts, and different options for password managers and authentication apps.