How to have a secure account
Choose a strong, unique password
DO choose a random string of at least 8 characters, including upper and lower-case letters, numbers, and special characters. Consider using a password manager like 1Password or LastPass to create and remember unique, strong passwords.
DO NOT use your name, date of birth, part of your email address, login, or other information.
Never give out your password or account information
When somebody sends you a link (in a message, comment or email) trying to get you to enter your SoundCloud password on a site outside of the soundcloud.com domain (it may still look like soundcloud.com) we call that phishing.
This is done so that the sender of the link can collect your sign-in details (and potentially other personal or sensitive information). The sender may then use this information to hijack your account, typically to use it to send out spam or more phishing attempts.
SoundCloud will never:
Prompt you via email and email attachments, messages, or comments to log into a site outside of the SoundCloud.com domain, nor to download and install an application
Connect a secondary email to your account
In order to secure your account further, make sure to “Revoke All” in your settings "Connected applications" tab here to close all open sessions on logged in devices to enforce the new password.