Passwords must be at least 8 characters long and have an estimated offline crack time over 6,000 seconds. We do not enforce arbitrary restrictions on numbers, special characters, or maximum password length. However, any passwords longer than 72 characters will be truncated.
Coinbase strongly recommends the use of password manager software such as 1Password or LastPass. A password manager can generate random, unique passwords for each website you visit. It can also automatically fill in passwords for you and can protect you against phishing attacks.
If you don't want to use a password manager, be sure to use a long, random password that is unique to your Coinbase account. Do not reuse passwords from other websites, especially your email account. Do use a passphrase (a sentence or group of words), but do not choose a phrase from a book or a movie as hackers have access to sophisticated databases of such quotes.
We check all passwords against password dumps and leaks across the internet. It's possible that your password was found in one of these dumps. We recommend you change your password immediately.
Read our complete Password FAQ here.