What is a Security Key?
A security key is a physical hardware authentication device designed to authenticate access through one-time-password generation. Coinbase supports Universal Second Factor (U2F) security keys.
Supported security keys are available from a variety of vendors. Coinbase recommends buying a key that works best for your device and preferences.
Links to third-party websites will open new browser windows. Except where noted, Coinbase accepts no responsibility for content on third-party websites.
Dedicated physical hardware authentication devices offer more protection than other 2FA methods like SMS and soft token TOTP apps because the credentials don't need to be stored on a networked device.
Before you begin:
The security key will need to support WebAuthN / Fido2 standard. Note: support for more keys will be added in the future.
It’s important to use a security key that works on both your mobile device and computer. Learn more
Enabling a security key will disable any previously setup 2-step verification method.
With that information, follow these steps:
Sign into your Coinbase account from a web browser. (You cannot change your 2-step method from the Coinbase mobile app.)
Go to Settings > Security
Select Security Key under 2-step verification
Using your Security Key
When using your security key, there are a few things to keep in mind:
Most security keys work with adapters, however, adapters with multiple ports may cause some issues.
3rd-party apps connected to your Coinbase account might not support security keys.
In your Coinbase account, go to Settings > Security.
Under the selected 2-step verification method, you'll be able to manage your security, or, add another security key (you can add a maximum of 5 keys).
By adding more than one security key, you enable a backup option in case you lose your primary security key
If you disable your security key, SMS will be re-enabled as the default 2-step verification method
Important Note: Coinbase highly recommends you do not share your security key with anyone else in order to keep your account as secure as possible.
When you activate a security key as your 2-step verification method on your Coinbase account, you can sign into Coinbase from a computer or through the mobile app. However, it is important that you use a security key that works on both your mobile device and computer. We recommend using a YubiKey because it is a trusted brand that works on both. Learn more about the products they provide based on the type of device you have.
If you set up a security key and try to access your Coinbase account from a mobile browser, note that many mobile browsers do not support security keys—support depends on the browser type and version. Check with your security key manufacturer to ensure they support mobile browsers and your browser developer to find out if they support WebAuthN / Fido2 standard security keys. Third-party applications may have restricted functionality.
Keep in mind: Third-party apps connected to your Coinbase account might not support security keys. Please contact your third-party application developers for more information.
Security Key Troubleshooting
One or more of the following troubleshooting tips may help resolve your issue:
Remove the key from the port and insert again. A light should appear on the key
Close and reopen your browser and then try again
Clear your cache and cookies from your browser and try again
Check to make sure your key supports WebAuthN / Fido2 standard. You can confirm with your key manufacturer
Sign in, via web, to your account with your username, password, and 2-step verification code from your old number
Go to your Security Settings page
Select 'Manage' next to the security key name
Under your security key management window, select 'Remove' for the key you would like to remove from your account
To set up a new key, remain in your security settings and select Security Key under 2-step verification, and follow the prompts to set up a new key.