Sign In | Coinbase | Protect Your Account

How to avoid phishing, verify devices, set up 2FA, and recover your account safely — educational material only.

Phishing avoidance

Phishing pages mimic login screens to capture credentials. Always confirm the domain, check for HTTPS, and avoid logging in from links in unsolicited messages.

Reminder: Official support will never ask for your password or recovery phrase. Treat any request for these as malicious.

Device & session control

Name trusted devices, review active sessions, and revoke any that are unfamiliar. Logging out of unused devices reduces lingering risk.

2FA options

  • Use authenticator apps (TOTP) for most users.
  • Consider hardware keys (WebAuthn) for additional phishing resistance.
  • Store backup codes offline in a secure place.