Password FAQ

How does Coinbase score my password?

We use the zxcvbn algorithm developed at Dropbox to assign a 'crack time' to a user's password each time they sign in or change their password. This crack time represents the estimated time it would take to crack the password for a hypothetical offline attacker with access to our database. You can read more about the methodology here:

zxcvbn: realistic password strength estimation

What are the password requirements on Coinbase?

Passwords must be at least 8 characters long and have an estimated offline crack time over 6,000 seconds. We do not enforce arbitrary restrictions on numbers, special characters, or maximum password length. However, any passwords longer than 72 characters will be truncated.

How do I choose a good password?

Coinbase strongly recommends the use of password manager software such as 1Password or LastPass. A password manager can generate random, unique passwords for each website you visit. It can also automatically fill in passwords for you and can protect you against phishing attacks.

If you don't want to use a password manager, be sure to use a long, random password that is unique to your Coinbase account. Do not reuse passwords from other websites, especially your email account. Do use a passphrase (a sentence or group of words), but do not choose a phrase from a book or a movie, as hackers have access to sophisticated databases of such quotes.

My password is long and random, why does it have a low crack time?

We check all passwords against password dumps and leaks across the internet. It's possible that your password was found in one of these dumps. We recommend you change your password immediately.

How does Coinbase store passwords?

Coinbase salts and hashes all passwords using the bcrypt algorithm with a work factor of 12. We never store your password in plain text.
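The sketch below is an added example, not Coinbase's code. It shows how the rules above interact: the length check, the 6,000-second threshold, the leak check, and the 72-character truncation. It assumes UTF-8 input truncated at bcrypt's 72-byte input limit; the brute-force estimator is a hypothetical stand-in for zxcvbn, and the leak list and the 1e4 guesses-per-second attacker rate are constructed values.

```python
import string

MIN_LENGTH = 8             # FAQ: at least 8 characters
MIN_CRACK_SECONDS = 6000   # FAQ: estimated offline crack time over 6,000 s
MAX_BYTES = 72             # bcrypt reads at most 72 bytes of its input
LEAKED = {"password", "qwertyuiop"}   # constructed stand-in for leak corpora
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " "]

def stored_form(password: str) -> bytes:
    """Bytes that actually reach the hash (assumes UTF-8, byte truncation)."""
    return password.encode("utf-8")[:MAX_BYTES]

def brute_force_seconds(secret: bytes, rate: float = 1e4) -> float:
    """Hypothetical stand-in for zxcvbn: average exhaustive-search time.
    The rate of 1e4 guesses/s is an assumed slow-hash attacker speed."""
    text = secret.decode("utf-8", "ignore")
    pool = sum(len(c) for c in CLASSES if any(ch in c for ch in text)) or 128
    return 0.5 * pool ** len(text) / rate

def check_password(password: str, estimator=brute_force_seconds) -> dict:
    """Apply the FAQ's rules to the truncated form, since that is what is hashed."""
    secret = stored_form(password)
    text = secret.decode("utf-8", "ignore")
    # A leaked password is guessed first, so its crack time is effectively zero.
    crack = 0.0 if text in LEAKED else estimator(secret)
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than 8 characters")
    if crack <= MIN_CRACK_SECONDS:
        reasons.append("crack time not over 6000 s")
    return {"accepted": not reasons, "reasons": reasons,
            "crack_seconds": crack,
            "truncated": len(secret) < len(password.encode("utf-8"))}

def same_credential(a: str, b: str) -> bool:
    """True when two passwords are indistinguishable after truncation."""
    return stored_form(a) == stored_form(b)

if __name__ == "__main__":
    for pw in ["48151623", "password", "k7#Qz" * 15, "é" * 40]:
        print(repr(pw[:12]), check_password(pw))
```

Because truncation is by bytes, a password of non-ASCII characters reaches the limit before 72 characters, and any two passwords that agree on their first 72 bytes authenticate as the same credential.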

How strong is my current password?

Sign in and come back to this page to find out!