Security Key 2-step verification

What is a Security Key?

A security key is a physical hardware authentication device designed to authenticate access through one-time-password generation. Coinbase supports Universal Second Factor (U2F) security keys.

Supported security keys are available from a variety of vendors. Coinbase recommends buying a key that works best for your device and preferences. 

Important Note: All hardware authentication devices are not Coinbase products. If you use any other supported security keys, you'll be subject to applicable terms and conditions of use for these products, including a separate privacy policy, which may differ from Coinbase's privacy policy. You should read and understand all applicable terms for these supported security keys before using them.

Links to third-party websites will open new browser windows. Except where noted, Coinbase accepts no responsibility for content on third-party websites. 

Dedicated physical hardware authentication devices offer more protection than other 2FA methods like SMS and soft token TOTP apps because the credentials don't need to be stored on a networked device.

Before you begin:

  • The security key will need to support WebAuthN / Fido2 standard. Note: support for more keys will be added in the future.

  • It’s important to use a security key that works on both your mobile device and computer. Learn more

  • Enabling a security key will disable any previously setup 2-step verification method.

With that information, follow these steps:

  1. Sign into your Coinbase account from a web browser. (You cannot change your 2-step method from the Coinbase mobile app.)

  2. Go to Settings > Security

  3. Select Security Key under 2-step verification

Using your Security Key

When using your security key, there are a few things to keep in mind:

  • Most security keys work with adapters, however, adapters with multiple ports may cause some issues.

  • 3rd-party apps connected to your Coinbase account might not support security keys.

In your Coinbase account, go to Settings > Security.

Under the selected 2-step verification method, you'll be able to manage your security, or, add another security key (you can add a maximum of 5 keys).

  • By adding more than one security key, you enable a backup option in case you lose your primary security key

  • If you disable your security key, SMS will be re-enabled as the default 2-step verification method

Important Note: Coinbase highly recommends you do not share your security key with anyone else in order to keep your account as secure as possible. 

When you activate a security key as your 2-step verification method on your Coinbase account, you can sign into Coinbase from a computer or through the mobile app. However, it is important that you use a security key that works on both your mobile device and computer. We recommend using a YubiKey because it is a trusted brand that works on both. Learn more about the products they provide based on the type of device you have.

If you set up a security key and try to access your Coinbase account from a mobile browser, note that many mobile browsers do not support security keys—support depends on the browser type and version. Check with your security key manufacturer to ensure they support mobile browsers and your browser developer to find out if they support WebAuthN / Fido2 standard security keys. Third-party applications may have restricted functionality.

Keep in mind: Third-party apps connected to your Coinbase account might not support security keys. Please contact your third-party application developers for more information.

Security Key Troubleshooting

One or more of the following troubleshooting tips may help resolve your issue:

  • Remove the key from the port and insert again. A light should appear on the key

  • Close and reopen your browser and then try again

  • Clear your cache and cookies from your browser and try again

  • Check to make sure your key supports WebAuthN / Fido2 standard. You can confirm with your key manufacturer

  1. Sign in, via web, to your account with your username, password, and 2-step verification code from your old number

  2. Go to your Security Settings page

  3. Select 'Manage' next to the security key name

  4. Under your security key management window, select 'Remove' for the key you would like to remove from your account

To set up a new key, remain in your security settings and select Security Key under 2-step verification, and follow the prompts to set up a new key.

Still can't sign in?

See Regain access to my account