Update coinbase.com.yaml

[stuartpb]

Not profiled:

• Submitting a password reset requests directs to the login page with a modal acknowledgement that I think goes away on a timer.
• Registration requires US state or state-like jurisdiction (ie. military).
• Password needs to be gauged as "good" via some remote arbiter at the endpoint https://api.coinbase.com/v2/users/score-password with the password posted as password in a form data body. Needless to say, the rules for passwords to meet this strength requirement are not surfaced. I'm starting to think I need a profile field to document this crap consistently beyond notes. Maybe password.rule as a human-text field? (Would still cooperate with data like password.value.length.max.)
• Passwords consisting entirely of spaces are rated as "good" past a certain length, but trigger "password can't be blank" errors.
  • Actually, no, they aren't rated as "good"... passwords of only spaces crash the server! The API returns a 500 status code in response, and now I'm not seeing any new requests going out.
• Logging in and changing password both require a code from Authy.
• Logging in from a new machine requires opening a confirmation link.
• Not profiling destination after resetting a password because it's subject to so much subjectivity re: Authy, new machine approval step...

I just realized I didn't actually review password changing, brb.

[stuartpb]

Note that the Authy code is an input on the password change form.