You NEED to do this if you use Google Authenticator for Coinbase (before it's too late)

in #crypto7 years ago (edited)

When it comes to security in the world of cryptocurrency, we all know we should be very careful when it comes to protecting our accounts, passwords, private keys, etc. With data leaks, phishing scams, hackers and all manner of cyber insecurity, the last thing you want is someone accessing your crypto accounts and draining your wallets. Coinbase is certainly no exception and they make sure you know it. You can't even log in without a verification code of some sort after you put in your 38 character password.

Don't lose your Coinbase account because of Google Authenticator.jpg

2-Factor Authentication

Coinbase (and everyone else that uses it) strongly suggests that you use a 2-factor authentication (2FA) to sign into your account, such as the Google Authenticator app, which provides a code to your smart phone to make sure it is really you signing into the account. I'm sure most of you reading this already have a 2FA set up for your Coinbase, but if you don't, do that right now. Here is the FAQ on that if you need more info.

What many people don't realize is that if you are using Google Authenticator for Coinbase and you lose your phone or it gets stolen or it breaks... you can't sign into your Coinbase account anymore. Your account is linked to that phone because of the Google Authenticator app and the only way to disable that is to have your phone with you. So then your account becomes unusable because you can't sign into it. Well THAT sucks, doesn't it?

What you NEED to do before you lose your account FOREVER

There is but ONE solution to the problem of losing your device with the Authenticator app: the SECRET SEED CODE. When you add your Coinbase account to your Authenticator app, it gives you a bar code to scan. Along with that bar code is a 16-digit alphanumeric code that you need to write down and/or print off and duplicate and then keep somewhere safe (like with your Steemit keys). Again, if you ever do lose/break your phone, this code will be the only way to access your Coinbase account again.

Coinbase security.jpg

So if you are currently using Google Authenticator for your Coinbase, GET THAT SECRET SEED CODE. You can get it by logging into your Coinbase account and clicking on SETTINGS and then SECURITY. You can then click on "Regenerate Secret Key" under Two-Factor Authentication. Type in your current code from the Google Auth app and there you have it. Write it down. Twice. Or more. Keep it safe.

When you get a new phone, just download the Google Authenticator app and push the red plus sign (+) then click on "Enter a provided key". It will ask for the account name (Coinbase) and your key and that's when you put in the Secret Seed that you wrote down and kept safe. Now you can access your account again! Yippee!

Screenshot_2018-06-02-21-08-04.png

What if I don't save the Secret Seed?

Now, if you're like me and didn't know all this before it was too late, there is a last resort solution. My phone got stolen while I was in Mexico City. Here's the story if you want to hear it:

Because I didn't know about the Secret Seed Code, I couldn't recover my Coinbase account. I went in circles on their Support website trying to look for a solution. The only thing I could do was contact their support team to let them know my situation.

Coinbase Security 2.jpg
From Coinbase's Support site

I tried writing them emails but they kept sending the wrong information because they assumed I still had my phone number even though I specifically said that I lost my phone number too. So I finally ended up calling their support line. Yes, on the telephone. I was not expecting a short wait time or even a very helpful human on the other end, but to my surprise, that's exactly what I got. I spoke to a representative named Virginia and I told her my situation and that I'd gotten poor responses through email. She listened to me and told me that really the only thing that could be done in my situation is to create another Coinbase account with a different email and then request to have the funds in the other account transferred into the new one. Well, it's not ideal, but it beats losing everything I had stored in my old account all because some chump thugs saw my white skin and thought I'd be a good pickpocket target.

But don't let it get to that point. Make sure your Secret Seed Code is written down and that you can get to it if you ever lose your phone.

I hope this helps someone avoid a disaster. Be sure to RESTEEM this post so more eyes can see it and avoid making my mistake.

Tell me, did you know about the Secret Seed Code for Google Authenticator? Because I sure missed it when I first started using it.

Sort:  

thanks for the info

It is quite scary that coinbase will transfer the funds like that to a new account. Seems like the perfect way for a Scam Artist to get a hold of your Crypto.

I have 2FA, backed up seed code, and original phone number but after reading this I plan to keep even less money on Coinbase than in the past.

They make sure that it's the same person with the new account because they verify that the ID used to make the new account is the same as the one used in the old account.

Excellent post, thanks for the advice. I ran into a similar situation when I upgraded my iPhone. Fortunately for me, I did not trade in my old phone before I realized I needed it for GA.

I'm glad you still had your old one and could transfer it. Thanks for your comment.

Posted using Partiko Android

But, if you got your phone stolen, can't you still keep your phone number on a new CIM card? I had my phone stolen once and my telco provider moved my number to another card. Would Google Auth still work?

If your provider can do that, then yes, that would be ideal. There is an easy recovery process if you still have your phone number. I was in Mexico at the time the phone was stolen. I didn't think to ask if I could move my number to a new card, but I really doubt I could because they don't ask your name or ID when getting a SIM so your number isn't attached to your name so I couldn't prove that the number I want to keep belonged to me.

Thanks for the answer. I was always unsure if Google Auth was linked with the phone number, SIM card, or email address I registered with my phone.

Backing up 2FA keys is very important, but regardless of whether your 2FA key is backed up you should not be using Coinbase as a wallet. If you don't control the private keys, you don't own any crypto.

Agreed, Coinbase shouldn't be treated as a wallet. But definitely back up your 2FA keys so that you can cash in on all the Steem you make.

thanks for the info that was helpful

You're welcome

Posted using Partiko Android

Good that you got your account back. I think everywhere i see that if you enable 2FA and then lose your key, you lose your account. Good to know you can still recover it.

Don't lose your key. That's what everyone needs to know.

Yes this was very helpful. Thank you and I am re-steeming this!

Glad it helps. Thanks for the resteem.

Posted using Partiko Android

EXCELLENT Advice! Resteemed

Thanks for the resteem. More people need to realize this.

This is what worries me most but I keep my money offline. If I need to sell then I'll send it to coinbase.

Yeah, that's best.