KuCoin — Account Recovery & Incident Playbook

Prepare recovery materials

When you set up 2FA or backup codes, immediately place them in a secure offline location—locked safe, safety deposit box, or another physically secure place. Consider splitting copies across two trusted locations if appropriate. Make sure the documentation includes the date and what the code relates to.

Lost 2FA or device — exact playbook

1. Attempt sign-in using backup codes (stored offline).
2. If no backup codes are available, contact support through your bookmarked support path and follow their verified recovery procedures.
3. Rotate your password and re-register new 2FA credentials immediately upon regaining access.
4. Audit API keys and revoke any suspicious keys; reissue keys with restricted scopes where necessary.

Unauthorized activity — contain and document

If you see unfamiliar transfers or sessions, lock down the account where possible (freeze withdrawals if the platform supports it), change credentials, and collect evidence: screenshots, timestamps, and IP hints. Contact support and escalate with documented evidence to speed remediation.

Note: This playbook is for education and incident preparedness; it is not an official KuCoin support channel.