A concise, actionable walk-through that helps traders sign in safely, avoid phishing, and strengthen access to Coinbase Advanced Trade (formerly Coinbase Pro).
Traders face targeted phishing, credential stuffing, and social-engineering attacks. The quickest way to reduce risk is to lock down your login flow: use official pages, enable 2‑step verification, and avoid reusing passwords. This guide provides clear steps and quick checks you can use each time you sign in.
Type coinbase.com into your browser or use the official Coinbase mobile app. Avoid clicking login links from emails, DMs, search results, or third‑party sites. Bookmark the official sign-in: https://www.coinbase.com/signin.
Before entering credentials verify the address bar shows https:// and the domain is exactly coinbase.com (or login.coinbase.com for some flows). Click the padlock to view certificate details if unsure.
Create a long, unique password. Use a reputable password manager to generate and store it. Never reuse exchange passwords across sites.
Enable an authenticator app (Google Authenticator, Authenticator apps) or passkeys where supported. Avoid SMS when possible because SIM‑swap attacks can bypass SMS codes. Follow Coinbase’s 2‑step verification setup to configure MFA.
Authenticator apps are easy and secure; hardware keys like YubiKey provide phishing‑resistant protection and are recommended for high-value traders.
Enable security prompts, device management, and recovery emails. Add trusted contacts or secondary recovery methods if you manage high-value accounts.
Change your password, sign out of other sessions, revoke API keys, and contact Coinbase Support. Review steps to lock or unlock a compromised account if needed.