Overview
You can sign in to your Base account (formerly known as Smart Wallet) on web (keys.coinbase.com) and in the Base app using email passcodes, passkeys, or a recovery phrase.
Email (recommended)
Sign in with a one-time passcode (OTP) sent to your email.
OTPs are 6-digit codes that expire after 10 minutes.
Sessions can remain active for 30 days.
If your session expires, you’ll need to request a new OTP before you can sign transactions.
If multi-factor authentication is enabled with an authenticator app (TOTP), re-authentication requires both the email OTP and a TOTP code.
Passkeys
Passkeys offer a secure way to sign in without passwords or recovery phrases.
Passkeys use public-key cryptography to create a unique digital key for your account. Your device or cloud provider stores the key and verifies your identity during sign-in without sharing the key itself.
You can authenticate using:
Biometric authentication (fingerprint or face recognition)
A device PIN
Manage passkeys
Passkeys are managed through your device or passkey provider (such as iOS or Android). Only delete a passkey you’re certain you no longer use, and avoid bulk deletions.
Follow the steps below to view, rename, or delete your passkey.
On iOS
Open Settings.
Go to Passwords.
Search for coinbase.com.
Select the Smart Wallet passkey (identified by its creation date)
On Android (steps may vary by device)
Open Settings.
Go to Passwords and accounts.
Select Google.
Select Google Password Manager.
Select keys.coinbase.com.
Recovery phrase
A recovery phrase can be used to regain access if other sign-in methods aren’t available. Recovery phrases are highly sensitive and should be kept secure.
You’ll have a recovery phrase if:
You previously set up a recovery phrase on keys.coinbase.com, or
You upgraded from the legacy Coinbase Wallet app using the Base app, in which case it’s the original recovery phrase.
Using the same Base Account on web and the Base app
You can access the same Base account on both web (keys.coinbase.com) and the Base app by signing in with the same method/credentials, such as:
Email address
Passkey
Recovery phrase
If you don’t see the expected account, confirm that you’re using the same sign-in method/credentials used when the account was created.
FAQs
Yes, if you utilize iCloud Keychain Manager or Google Password Manager, you can use the same passkey on any device that also has access to your iCloud or Google accounts. You can also use a hardware option like a Yubikey to enable cross-device support.
Certain passkey providers, such as Chrome Profile are device specific and will not work across platforms.
We recommend using cloud-based passkeys for seamless access to your smart wallet. Cloud-based passkeys provide a streamlined and convenient way to securely store and sync access to your wallet across devices. You also maintain the same high level of security expected from your cloud service. Please note that we recommend you avoid using Windows Hello and the Chrome macOS version of Google Password Manager as they cannot be synced across devices.
If you choose to use a non-cloud alternative such as QR code authentication, please first create your passkeys on your mobile device and then use the QR code to sign in on your desktop. Please note that the QR code is device locked in case of device loss.
Recommended passkey setups
If you only use iOS and macOS devices:
We recommend you use:
iCloud Keychain
1Password as a cloud alternative
QR code authentication as a non-cloud alternative
Please make sure that your devices have access to your iCloud account.
If you only use Android and Chrome devices:
We recommend you use:
Google Password Manager
1Password as a cloud alternative
QR code authentication as a non-cloud alternative
Please make sure that your devices have access to your Google accounts.
This will not work if you are using Microsoft Edge on your Windows device. We recommend using Chrome on your Windows device.
If you use a mix of iOS, macOS, Android, and Windows devices:
We recommend you use:
1Password
QR code authentication as a non-cloud alternative
While 1Password currently cannot create or use passkeys on Android, you can enable this by the following:
Open Chrome and type in chrome://flags into the address bar.
In the open flags page, tap the search box, then search for passkeys.
Select Default under the Android Credential Management for passkeys flag.
Select "Enabled for Google Password Manager and 3rd party passkeys".
Select the Relaunch button that appears at the bottom of your browser.
Other setups
If you use a mix of iOS, macOS, and Windows devices
We recommend you use:
1Password
QR code authentication as a non-cloud alternative.
If you use a mix of Android and Windows Chrome devices
We recommend you use:
Google Password Manager
1Password as a cloud alternative
QR code authentication as a non-cloud alternative
If you do not want to use a cloud provider
We recommend you use:
QR code authentication
Yubikey as a non-cloud alternative
If you prefer a hardware solution
We recommend you use:
A Yubikey (USB)
Please consider using a cloud-based passkey for flexibility and convenience. Cloud-based passkeys offer easy access from multiple devices without the risk of losing a physical device such as a Yubikey.
If you do not know which of these cases applies to you:
We recommend you use:
QR code authentication
1Password as a cloud alternative
We recommend using iCloud Keychain, Google Password manager, Microsoft Cloud, or a password manager like 1Password to set up your passkeys for the best cross-device compatibility.
You can also use a hardware device like a yubikey if you have one for cross-device accessibility.
Browser-based profiles like your Chrome or Brave profile are only accessible on the specific device they are created on.
What if my iCloud keychain is not enabled?
You can use these instructions from Apple to enable your iCloud keychain.
Where can I get more information on Google Password Manager?
Please reference the Manage passwords article from Google for more information about the Google Password Manager.
If you’re creating a new wallet and already have a Coinbase.com passkey, 1Password may read keys.coinbase.com and coinbase.com passkeys as identical and prompt you to Update Existing coinbase.com passkey. Select New Item and do not update the existing passkey.
If you use 1Password for your passkey on desktop web, and are not signed into your 1Password extension, by default you may receive a QR Code to sign via mobile phone. Sign into your 1Password extension in order to sign using your passkey in 1Password.
Passkeys can be shared with trusted contacts via iCloud. They cannot currently be exported via Android, 1Password, Chrome profiles, or hardware devices.
Users can share their passkey with trusted contacts for iCloud based passkeys by following these steps:
iCloud options
iPhone: Share passwords or passkeys with people you trust on iPhone
Mac: Share passwords or passkeys with people you trust on Mac
Passkeys are still gated by biometrics, so a third-party that has shared the passkey will not be able to use them unless the correct biometric information is present on the destination device.
When you update your passkey, that change is initially applied to the network which has the highest balance. When you transact on a new network, your new passkey update needs to be applied to the network.
In order to transact on the new network, you will need to apply the change by signing a transaction onchain. This transaction will require a network fee to execute. Once you have executed this transaction, you are free to use your new passkey to sign on the new chain.
Only use your recovery phrase at keys.coinbase.com. Using your recovery key on any third party sites will expose you to compromise of funds, and you will not be able to recover your account.