You NEED to do this if you use Google Authenticator for Coinbase (before it's too late)

in #crypto7 years ago (edited)

When it comes to security in the world of cryptocurrency, we all know we should be very careful when it comes to protecting our accounts, passwords, private keys, etc. With data leaks, phishing scams, hackers and all manner of cyber insecurity, the last thing you want is someone accessing your crypto accounts and draining your wallets. Coinbase is certainly no exception and they make sure you know it. You can't even log in without a verification code of some sort after you put in your 38 character password.

Don't lose your Coinbase account because of Google Authenticator.jpg

2-Factor Authentication

Coinbase (and everyone else that uses it) strongly suggests that you use a 2-factor authentication (2FA) to sign into your account, such as the Google Authenticator app, which provides a code to your smart phone to make sure it is really you signing into the account. I'm sure most of you reading this already have a 2FA set up for your Coinbase, but if you don't, do that right now. Here is the FAQ on that if you need more info.

What many people don't realize is that if you are using Google Authenticator for Coinbase and you lose your phone or it gets stolen or it breaks... you can't sign into your Coinbase account anymore. Your account is linked to that phone because of the Google Authenticator app and the only way to disable that is to have your phone with you. So then your account becomes unusable because you can't sign into it. Well THAT sucks, doesn't it?

What you NEED to do before you lose your account FOREVER

There is but ONE solution to the problem of losing your device with the Authenticator app: the SECRET SEED CODE. When you add your Coinbase account to your Authenticator app, it gives you a bar code to scan. Along with that bar code is a 16-digit alphanumeric code that you need to write down and/or print off and duplicate and then keep somewhere safe (like with your Steemit keys). Again, if you ever do lose/break your phone, this code will be the only way to access your Coinbase account again.

Coinbase security.jpg

So if you are currently using Google Authenticator for your Coinbase, GET THAT SECRET SEED CODE. You can get it by logging into your Coinbase account and clicking on SETTINGS and then SECURITY. You can then click on "Regenerate Secret Key" under Two-Factor Authentication. Type in your current code from the Google Auth app and there you have it. Write it down. Twice. Or more. Keep it safe.

When you get a new phone, just download the Google Authenticator app and push the red plus sign (+) then click on "Enter a provided key". It will ask for the account name (Coinbase) and your key and that's when you put in the Secret Seed that you wrote down and kept safe. Now you can access your account again! Yippee!

Screenshot_2018-06-02-21-08-04.png

What if I don't save the Secret Seed?

Now, if you're like me and didn't know all this before it was too late, there is a last resort solution. My phone got stolen while I was in Mexico City. Here's the story if you want to hear it:

Because I didn't know about the Secret Seed Code, I couldn't recover my Coinbase account. I went in circles on their Support website trying to look for a solution. The only thing I could do was contact their support team to let them know my situation.

Coinbase Security 2.jpg
From Coinbase's Support site

I tried writing them emails but they kept sending the wrong information because they assumed I still had my phone number even though I specifically said that I lost my phone number too. So I finally ended up calling their support line. Yes, on the telephone. I was not expecting a short wait time or even a very helpful human on the other end, but to my surprise, that's exactly what I got. I spoke to a representative named Virginia and I told her my situation and that I'd gotten poor responses through email. She listened to me and told me that really the only thing that could be done in my situation is to create another Coinbase account with a different email and then request to have the funds in the other account transferred into the new one. Well, it's not ideal, but it beats losing everything I had stored in my old account all because some chump thugs saw my white skin and thought I'd be a good pickpocket target.

But don't let it get to that point. Make sure your Secret Seed Code is written down and that you can get to it if you ever lose your phone.

I hope this helps someone avoid a disaster. Be sure to RESTEEM this post so more eyes can see it and avoid making my mistake.

Tell me, did you know about the Secret Seed Code for Google Authenticator? Because I sure missed it when I first started using it.

Sort:  

thanks for the info

You're welcome

It is quite scary that coinbase will transfer the funds like that to a new account. Seems like the perfect way for a Scam Artist to get a hold of your Crypto.

I have 2FA, backed up seed code, and original phone number but after reading this I plan to keep even less money on Coinbase than in the past.

They make sure that it's the same person with the new account because they verify that the ID used to make the new account is the same as the one used in the old account.

Excellent post, thanks for the advice. I ran into a similar situation when I upgraded my iPhone. Fortunately for me, I did not trade in my old phone before I realized I needed it for GA.

I'm glad you still had your old one and could transfer it. Thanks for your comment.

Posted using Partiko Android

But, if you got your phone stolen, can't you still keep your phone number on a new CIM card? I had my phone stolen once and my telco provider moved my number to another card. Would Google Auth still work?

If your provider can do that, then yes, that would be ideal. There is an easy recovery process if you still have your phone number. I was in Mexico at the time the phone was stolen. I didn't think to ask if I could move my number to a new card, but I really doubt I could because they don't ask your name or ID when getting a SIM so your number isn't attached to your name so I couldn't prove that the number I want to keep belonged to me.

Thanks for the answer. I was always unsure if Google Auth was linked with the phone number, SIM card, or email address I registered with my phone.

Backing up 2FA keys is very important, but regardless of whether your 2FA key is backed up you should not be using Coinbase as a wallet. If you don't control the private keys, you don't own any crypto.

Agreed, Coinbase shouldn't be treated as a wallet. But definitely back up your 2FA keys so that you can cash in on all the Steem you make.

thanks for the info that was helpful

You're welcome

Posted using Partiko Android

Good that you got your account back. I think everywhere i see that if you enable 2FA and then lose your key, you lose your account. Good to know you can still recover it.

Don't lose your key. That's what everyone needs to know.

Yes this was very helpful. Thank you and I am re-steeming this!

Glad it helps. Thanks for the resteem.

Posted using Partiko Android

EXCELLENT Advice! Resteemed

Thanks for the resteem. More people need to realize this.

This is what worries me most but I keep my money offline. If I need to sell then I'll send it to coinbase.

Yeah, that's best.

Thank you so much for the information!

You're welcome so much.

This is helpful man. Thank you.

You're welcome. Glad it helps.

Good information mate. Thanks.

You're welcome.

Thanks, very important information.

I dislike 2FA we shouldn't be forced to use it. I invested about $1000 at Binance and can't log in because the 2FA I get sent keeps getting denied when I try to log in.

Yuck. Is there some support service available for that?

I would likely just get a standard response on how to make sure my 2FA and computer time are in sync.

I'd try anyway just so you cover all your bases.

I likely will ...

Good advice. In fact, I've written down the Google authenticator secret key for all my accounts with various exchanges...

omg this happened to you too??? My phone just got stolen too a few weeks ago, and same issue! I think you saw that. I'm SOO sorry it happened to you too!

But I think I'm getting back into Coinbase without the seed thing! I'll let you know when it's official!

Great article, super well-written!!!

Yeppers. It sucks having accounts linked to phones and phone numbers like Coinbase, Whatsapp, Uber... Have to deal with getting your accounts back or just creating whole new accounts. Ugh. That's the biggest reason losing your phone sucks (unless it was a really expensive one).
I hope you can get back into your Coinbase account.

Very interesting topic, thanks for your advice and for sharing!

Thanks for stopping by.

Posted using Partiko Android

Thanks a lot for the info. In fact, I’ve been looking for such a clear explanation for days. I want to get myself a new phone - throw out the iPhone, get myself a less selfish one - and I’ve been wondering about the Google Authenticiator thing. I have like 25 or more sites I use it for, but couldn’t find any decent info on how to deal with a change of phone.
I had never heard of this secret seed code. I assume this goes for more sites than just Coinbase?
I’d better get to work, then...

Just don't throw out the old phone until everything is transferred over.

For as far I inderstand I’ll have to log in to every site, disable 2FA, then log in again an scan the codes to te-enable it.
Whzt a hassle... :0(

It's better than the alternative. Trust me.

Thanks very much for this vital info. I was just about to wipe my Galaxy S7 and turn in for an upgrade when I saw this. Saved me a lot of headache that I didn't know was coming!

Oh boy. Glad I saved you the headache.

This is great. I have often worried about this happening and considered selling all my bitcoin, ethereum and Litecoin for Steem and forgetting about Bitcoin and Coinbase forever.

Well, if you want to ever convert some of your Steem to fiat, you might want to keep Coinbase around.

Not even possible in Canada yet. As far as I know....

Think I will convert all my Steem into @steemmonsters...

83A0EC72-C0D1-4D01-B8C1-89B6934AA221.jpeg

very interesting, creative idea. thanks have shared

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by daveonarrival from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.

hope this helps someone avoid a disaster.

Yeah, that's what I said.

F... & boycott Google + use a Laptop, sit down & chill. Look at your environment when you walking! On top of that, you'll go half blind looking too much at those small displays.. think about it.

I think you didn't read my post.

Not completely, you're right. But we all better stop using google (that is my point) , if we wanna free up this world, no matter what product. Please find an alternative...
1

I thought it s normal to have that code/QR printed somewhere locked up, so you can lose your phone as much as you want?! :D

Only for those that want to lose their phone a lot, it seems. ;)

if you lost, you lost, no recover

Don't lose it


Congratulations @daveonarrival!
You raised your level and are now a Minnow!

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Thank you for being so patient! We’re slowly catching up with our SP! Almost There!

Most recent user guide released on: May 14th

As a friendly reminder, the current upvote fee is $0.12 SBD ($0.121 for incognito). Current 300%+ upvote is now $0.36+ SBD.

Join our 10 SP Challenge!!!

Simply click this link to delegate 10 SP Now!

Or delegate any of these other amounts and make a "striking" return on your investment!
50 SP --- 100 SP --- 200 SP --- 500 SP --- 1000 SP

That being said...

BOOOOOOOOOM!!!

The ground shakes as incredible power lights the sky. The thunder tests the quality of your post and deems it worthy, rewarding it with a 300% upvote and comment from @thundercurator.

Increase your chances of a 100% upvote and support the project by:

Investors who delegate SP to @thundercurator are entitled to 75% of @thundercurator income after curation. Get on-board early and grow with us!