Choosing a regulated exchange
You need a regulated platform that complies with legal standards including Know Your Customer (KYC) and Anti-Money Laundering (AML) practices. Regulated exchanges in the US include Coinbase, Kraken, Gemini, Bitstamp and eToro USA.
Think of it this way: Coinbase is like a well-lit, trusted bank in your neighbourhood. An unregulated exchange is more like a mystery booth at a flea market.
How to open a Coinbase account
Go to the right website
Open your browser and go to coinbase.com, or download the Coinbase app from the App Store or Google Play.
Click "Get Started"
You will see a Get Started or Sign Up button. Click that to begin.
Fill out your information
Enter your name, email address and create a password. Make sure your email is correct — you will need to confirm it.
Verify your email
Coinbase will send you a confirmation email. Click the link inside to verify your address.
Set up two-step security
Coinbase will ask for your phone number and send a text code to verify. Do not skip this step.
Prove who you are
You will need to upload a photo ID such as a driver's licence or passport. This is a legal requirement, not optional.
Add a payment method
You can link a bank account, debit card or PayPal. Bank accounts are best for larger purchases.
Start exploring
Once set up, you can browse different cryptocurrencies, buy a small amount, or simply look around and learn.
Setting up Google Authenticator (2FA)
Download the app
Search for "Google Authenticator" in the App Store (iPhone) or Google Play (Android) and install it.
Go to your account security settings
On Coinbase, go to Settings and look for "Two-Factor Authentication."
Choose Google Authenticator
The website will show you a QR code — a small square barcode.
Scan the code
Open the Google Authenticator app, tap the + button and choose "Scan a QR code." Point your camera at the code on your computer screen.
Enter the code to finish
The app will show a 6-digit code that changes every 30 seconds. Type it into the website to complete setup.
Pro tip: If you ever get a new phone, make sure to transfer your Google Authenticator codes first, or you may get locked out of your accounts.
Test yourself
Select your answer for each question, then see if you're right.
Q1. What does KYC stand for, and why is it required?
KYC (Know Your Customer) is a legal requirement for regulated financial services, complying with anti-money-laundering laws. It's normal and protective.
Q2. Which is a regulated exchange suitable for beginners?
Regulated exchanges like Coinbase, Kraken and Gemini comply with financial laws, hold licences, and have consumer protections.
Q3. What does Google Authenticator do during login?
Google Authenticator adds a second login layer. Even with your password stolen, a thief still can't access your account without the 6-digit code that changes every 30 seconds.
Q4. What should you do if you get a new phone after setting up Google Authenticator?
If you switch phones without transferring your Authenticator codes, you could be permanently locked out of your accounts. Always migrate codes first.