Coinbase takes extensive security measures to ensure that your account and cryptocurrency investment remain as safe as possible. Here are some steps to help you keep your account safe from unauthorized access.
Strong password
Use a password that is long, random, and unique to your Coinbase account. Also, never disclose your password to anyone.
Note: Coinbase employees will never ask for your password.
You can take several additional security measures to protect your password.
2-step verification
To protect your Coinbase account and other online accounts, we recommend a security key, authenticator app, or other 2-step verification measures.
Adding a screen lock or 2-step verification to your mobile phone also helps prevent phone-based attacks if your phone is stolen.
Your email is one of the most important connections between you and your Coinbase account. We use email to confirm new devices, send important alerts, and communicate with you if you need support.
To keep your personal email account more secure:
Enable 2-step verification.
Check for unusual rules, filters, or forwarding addresses.
Check your email account settings for authorized devices you don’t recognize.
Check for unauthorized recovery emails or phone numbers added to the account.
If you receive a message that says it’s from Coinbase, but you believe it could be a phishing email, forward it to security@coinbase.com.
Devices
Malware such as keyloggers, remote access trojans (RATs), and cookie thieves can be used to steal your sign-in credentials and gain unauthorized access to your Coinbase account.
To protect your devices:
Use antivirus protection and scan your device regularly. Keep your device and software updated with the most recent operating system and security updates.
Uninstall questionable or unnecessary software, especially tools that allow remote access.
Install an ad blocker to help protect you from malicious ads.
Never click suspicious links or download suspicious programs.
Don’t use browser plug-ins or add-ons developed by unknown sources.
Cloud storage
Cloud storage accounts such as Google Drive or iCloud create backups of the data saved on mobile devices. This data often includes messages, contacts, email, apps, photos, and more.
To protect your cloud storage accounts:
Create a strong password, ideally using a password manager.
Secure it with the strongest form of 2-step verification available.
Protect your email account.
Bookmark Coinbase
Bookmark https://www.coinbase.com/.
Then, when you receive text messages or emails about your Coinbase account, always use the bookmark to get to Coinbase.
Check your recent activity
In your Coinbase account, you can see your active sessions, including authorized mobile applications, web sessions, and confirmed devices.
If at any time you notice an unauthorized application, session, or device, you can remove access. If you see a sign-in to your account that you don't recognize, change your Coinbase and email passwords and open a customer support ticket.
Allowlist
You can use an Address book allowlist to add and store crypto addresses you know and trust, making it easier and safer to send crypto.
Coinbase Vault
If you plan to store your crypto long term, we encourage you to use a Vault.
Contact us
If you have an account security concern or question, contact Coinbase customer support. Fake customer support numbers and websites are a constant threat, so be cautious with any information you find on forums, social media, and ads.
Coinbase staff will never:
Ask for your password, 2-step verification codes, or email access
Ask you to install remote sign-in or remote support software on your computer
Ask you to send money for resolving issues with your account
Call you directly to handle account support or troubleshooting issues
If anyone claiming to be associated with Coinbase Support requests this information or calls you directly, end all communication and immediately contact us.