Topic: Two Factor Authorization on Coinbase (Read 127 times)

Okay so now i just changed my two factor back to sms phone number for now.


Now when i change it back to google authenticator as my two factor authorization, i do the steps you listed.  So i have to take a picture of the QR code on ANOTHER PHONE as my backup to this phone?  Most people only have one phone and im shocked this is the way to do it.   Years ago, did coinbase do the same thing with the backing up of it?  Such as you needed to take picture of the QR code?  So they never had a recovery key like binance or bittrex?


So could one take a picture of the QR code on the same phone using right now.  Then say keep a copy of it stored in the cloud as the backup?  I can't imagine people needing another phone to take the picture of the QR code for security reasons.  Then again you taking a photo of the QR code on your current phone wouldn't make any sense since if something happens to this phone, then well you don't have that backup code.  I do have key for both binance and bittrex that i wrote down though.  So this QR code with coinbase is only with coinbase or it can show my other current QR codes with binance and bittrex?  That is confusing part because i thought coinbase was like... you write a key down and make sure you have that key in case something happens to your phone.

If they asked you to enter the 2FA code, it clearly means that you had enabled 2FA.

 In the case you disable 2FA and enable it again, you can simply save the set-up key this time and keep it in a safe place.


When you export your account via google authenticator application, you don't need Coinbase setup key.
The QR code can be used to backup all accounts at a same time.
Note that by using "export account" feature, You actually backup the google authenticater not your coinbase account individually. It can include all the accounts you have.


If you select same account(s), you will get a same QR code.

Okay so i like to comment on this.  A long time ago, I used a phone that had google authenticator as my two factor authorization i believe.  I think i first used an sms number first and then changed it to that.  Years later on, my phone didn't work.  When i tried to log into coinbase with my username/password, it sent me a code to my phone.  I still had this phone number though even though my old phone stopped working.  But it then asked me to log in with my google authenticator.  That would mean i had to have used google authenticator as my two factor authorization years ago right since it asked me for that when trying to log in?



But I did not have that coinbase key saved.  So i didn't log in for a while until i tried a bit later on.  Coinbase was then able to unlock my account because i still had the phone number connected to my coinbase account.  Then i can log in with my username/password and it send code to my phone number each time before i can log in.  I believe if u dont have your phone number connected to account, then its much harder to access the old coinbase account right?



So right now i changed my two factor from sms phone number to google authenticator.  But what if i then change it back to sms phone number?  I then change it back to google authenticator.  Then i do those steps you listed with the three dot menu?  Then once i have that, i will get QR codes?  But i need to take picture of it as backup?  That doesn't make any sense.  So there isn't something like a coinbase key where its a long number/word similar to like binance/bittrex?



Do you always get the same qr code with your authenticator or it generates a new one each time?


Example had i saved the code from a while back with my phone, it isn't the same as the one they give me now right?

If you have saved the setup key (or the corresponding QR code), there is nothing to worry about. That key can be used to recover your account in future.

If you haven't saved that key, you can backup the google authenticator using the "export account" feature.

To do so,
    1. Tap on menu button (the 3-dot button) at top of the screen.
    2. Select "transfer accounts".
    3. Select "Export accounts".
    4. Check your coinbase account and any other account you wish to backup.

After doing steps above, you will get two QR codes. These QR codes can be used for accessing your account(s) in future.
Note that your phone won't allow you to get screenshot due to security reasons and you will have to use another phone to take photo from the screen.  

I see the other option for two factor is security key.  What is that?  Is that typing it everytime to log in?  It shows it is secure just like authenticator. 


But for google authenticator which im using now, is there some key i need to write down or something in case i dont have access to my phone anymore?

So i logged into coinbase and they ask me to change it from sms phone number to another forum.  I picked google google authenticator as i used it before with other sites.


Now my question is... is there some code i need to write down in case my phone breaks or i lose my phone etc? 


How do i access my account if i no longer have my phone?

If you are using coinbase, then you may manage your primary 2FA setting from the security section. So at first go to setting after login into your account, then click setting, and the next you have to select security. If you can't find the setting then click on your profile pic. There you will find the current 2FA, if it's your mobile number then it should reflect there. Remove it and select Google 2FA as your primary 2FA. If you are talking about coinbase pro, then I am not familiar with it. In addition, I wouldn't encourage you to store your funds in a coinbase. Better to use a noncustodial wallet or hardware wallet rather than a web wallet. Just to remind you about the private key, @joniboini is right about what he described.

Just in case you mixed it up, a private key and secret key they give you for 2FA are different. Don't mix these two, because it can cause confusion and led you to believe that exchanges give you the private keys to control your wallet.

Here's their instructions page: https://help.coinbase.com/en/coinbase/getting-started/verify-my-account/managing-google-authenticator

And yes, they should be providing the TOTP keys.

P.S. If you're on Android, probably use Aegis instead of Google Auth: https://bitcointalksearch.org/topic/aegis-authenticator-a-decent-alternative-to-google-authenticator-and-authy-5192978

I have my phone number as my two factor authorization.  Always heard google authenticator or authy is best since it prevents sim swap etc.

 
How does one change their two factor authorization from phone number to google authenticator?  Also when you do this, they give you coinbase private key that you need to make sure you write down right in case something happens to your phone?