Logging in to Golden Crown Casino takes about ten seconds once you know where everything is. You need the email address and password you used when you registered — that is it. If you have two-factor authentication turned on, you will also need the one-time code sent to your email or authenticator app.
- Open goldencrown.app in your browser or launch the mobile app.
- Tap or click the Log In button in the top-right corner.
- Enter your registered email address.
- Enter your password (case-sensitive — check Caps Lock).
- If two-factor authentication is enabled, enter the one-time code from your email.
- You land in the lobby. Your A$ balance and active bonuses appear in the top bar.
- To play, browse the pokies lobby or head to Live Casino, Cashier or Promotions.
This page covers every angle: the step-by-step login process, what to do if you forget your password or get locked out, how to beef up your account security, and answers to the questions our support team fields most often. Whether you are logging in from a laptop, your phone or a mate's tablet, the process is the same.
We have also included a comparison of login methods, a worked example walking through password recovery, and a decision helper for the three most common access problems. Everything is written with Aussie players in mind — A$ accounts, AEST-friendly support hours, and plain-English instructions.
The login system at Golden Crown is designed for speed and security in equal measure. We want you in the lobby and playing pokies as fast as possible, but not at the cost of leaving your account vulnerable. The features described on this page — two-factor authentication, biometric login, session management — are all there to strike that balance.
How to Log In — Step by Step
Go to goldencrown.app, click Log In, enter your email and password, and you are in. If 2FA is enabled, enter the one-time code when prompted.
The login button sits in the top-right corner of the Golden Crown website and the mobile app. Click or tap it, and a login form appears. Enter the email address you registered with and your password. If the details are correct, you land in the lobby within a couple of seconds.
If you ticked 'Remember me' on a previous session, your email may already be filled in. On the mobile app (APK), biometric login — fingerprint or face recognition — can replace the password step entirely once you set it up in the app settings.
After logging in, you are taken straight to the main lobby. Your A$ balance is displayed in the top bar, along with any active bonuses. From here you can jump into pokies, head to the live casino, open the cashier or visit the promotions page.
Golden Crown uses session management to keep you logged in for a reasonable period. If you close the browser tab but come back within a few hours, you are usually still signed in. For security, sessions expire after extended inactivity, and you will need to enter your credentials again.
A quick note on shared devices: if you are logging in from a public computer or someone else's phone, use a private or incognito window. This prevents your session from being saved after you close the tab. Always log out manually when using shared devices.
If you are logging in for the first time after a long break, the site may prompt you to re-verify your email or update your password. This is a standard security check and only happens after extended periods of inactivity. Follow the on-screen instructions and you will be back in the lobby in a minute.
Desktop users can also save goldencrown.app as a bookmark in their browser toolbar for one-click access. On Chrome, click the star icon in the address bar. On Safari, drag the URL to the bookmarks bar. It saves a few seconds compared to typing the URL each time.
Login steps
- Open goldencrown.app in your browser or launch the mobile app.
- Tap or click the Log In button in the top-right corner.
- Enter your registered email address.
- Enter your password.
- If 2FA is enabled, enter the one-time code from your email or authenticator app.
- You are now in the lobby. Your A$ balance and active bonuses are shown at the top.
Account Recovery — Forgot Password, Email or Locked Out
Forgot your password? Use the reset link on the login page. Forgot your email? Contact support with your name and last deposit details. Account locked? Wait 30 minutes or chat with support.
Forgetting a password happens to everyone. The reset process is straightforward: click 'Forgot Password?' on the login form, enter your registered email, and check your inbox for a reset link. The link is valid for 60 minutes. If it expires, request a new one.
If you have forgotten which email you used to register, things get a bit more involved. You will need to contact our support team via live chat or by emailing [email protected] from any email address. To verify your identity, the agent will ask for information only the account holder would know — your full name as registered, the last deposit amount and method, and potentially a photo of your ID.
Account lockouts triggered by too many failed login attempts resolve automatically after 30 minutes. If you cannot wait, live chat support can unlock your account after verifying your identity. This usually takes under five minutes.
If you suspect someone else has accessed your account, contact support immediately. The team can freeze the account, force-logout all active sessions and guide you through changing your password and enabling 2FA. Any unauthorised transactions will be investigated.
Players who have self-excluded cannot log in until the exclusion period ends. This is by design — self-exclusion is a responsible gambling tool, and bypassing it is not possible. If you set a cooling-off period and want to resume playing after it expires, simply log in as normal.
Password reset links are one-time use. Once you click a reset link and set a new password, the link is invalidated. If you click the same link again, it will show an error. If you need another reset, go through the Forgot Password process again from scratch.
For players who registered a long time ago and cannot remember any account details, the support team has additional verification methods. They may ask for details about your deposit history, the last game you played, or personal information you provided during registration. Be prepared to answer a few questions to prove ownership of the account.
If your account has been inactive for an extended period — say, six months or more — it may be classified as dormant. Dormant accounts are not deleted, but you may need to go through a re-verification step when you try to log in again. This is a security measure to ensure that the person reactivating the account is the rightful owner.
Account recovery timelines depend on the complexity of the situation. A simple password reset takes two minutes. An email change request processed through support typically takes one business day. If identity verification is required because you have lost access to your registered email, it may take up to 48 hours. In all cases, the support team keeps you updated via the communication channel you used to reach them.
Which recovery path do you need?
Common Login Problems and How to Fix Them
Most login failures come down to a wrong password, expired session or browser cache issue. Clear your cache, double-check your email spelling and reset your password if needed.
The single most common reason for a failed login is a mistyped password. Passwords are case-sensitive, and it is easy to have Caps Lock on without realising. If you are copying and pasting from a password manager, make sure you have not accidentally included a trailing space.
The second most common issue is an expired or corrupted browser session. If the site seems to accept your credentials but then drops you back to the login screen, your session cookie may be stale. Clearing your browser cache and cookies usually fixes this immediately.
Account locks happen after multiple failed login attempts — this is a security measure to prevent brute-force attacks. If your account is locked, wait 30 minutes and try again, or contact support via live chat to have it unlocked manually.
VPN users sometimes run into geo-restriction issues. If the site detects a VPN exit node in a restricted jurisdiction, it may block the login attempt. Try disconnecting the VPN or switching to a server in a non-restricted country.
Two-factor authentication errors can occur if your device clock is out of sync (for TOTP apps) or if the one-time code has expired (codes are valid for 60 seconds). Make sure your phone's time is set to automatic, and request a new code if the current one does not work.
If none of the above fixes your issue, contact our support crew. Live chat is available 24/7, and the agents can check server-side logs to pinpoint the problem. Have your registered email address ready so they can look up your account.
Browser extensions can occasionally interfere with login forms. Ad blockers, privacy extensions and JavaScript blockers may prevent the login form from submitting correctly. If you suspect an extension is the culprit, try logging in with extensions disabled or in an incognito window (most extensions are disabled in incognito by default).
Multiple accounts are not permitted under Golden Crown's terms. If you try to create a second account with a different email and then log in, the system may flag it and restrict access to both accounts. If you genuinely need to change your registered email, contact support rather than creating a new account.
Login issue quick-reference
| Problem | Likely cause | Fix |
|---|---|---|
| Wrong password error | Typo, Caps Lock, trailing space | Retype carefully; check Caps Lock; reset password if unsure |
| Login loops back to form | Stale session cookie | Clear browser cookies and cache; try incognito mode |
| Account locked | Too many failed attempts | Wait 30 minutes or contact live chat |
| 2FA code rejected | Expired code or clock out of sync | Set phone time to automatic; request a new code |
| VPN block | Exit node in restricted region | Disconnect VPN or switch server location |
| Page does not load | DNS or network issue | Try another network; flush DNS; restart router |
Worked example — Recovering a forgotten password
- Go to goldencrown.app and click the Log In button.
- On the login form, click 'Forgot Password?' below the password field.
- Enter the email address you registered with and click Send Reset Link.
- Open your email inbox. Look for a message from Golden Crown Casino with the subject 'Password Reset Request'. Check your spam or junk folder if it does not appear within five minutes.
- Click the Reset Password link in the email. You are taken to a page where you enter a new password.
- Choose a strong password — at least 8 characters, mixing uppercase, lowercase, numbers and symbols. A password manager can generate one for you.
- Click Save New Password. You are redirected to the login page.
- Log in with your email and the new password. If 2FA is enabled, enter the one-time code as usual.
- Once logged in, consider updating your password in any saved password managers so they stay in sync.
Sessions, Cookies and Staying Logged In
Golden Crown uses session cookies to keep you logged in. Sessions expire after extended inactivity. Clearing cookies logs you out. 'Remember me' extends the session.
When you log in, the server creates a session — a temporary record that says 'this browser or app belongs to a verified user'. The session is identified by a cookie stored in your browser. As long as that cookie is valid, you stay logged in without re-entering your credentials.
Sessions expire after a period of inactivity, typically a few hours. This is a security measure: if you walk away from your laptop with the site open, the session eventually ends, preventing anyone from accessing your account. The exact timeout depends on server settings and may vary.
The 'Remember me' checkbox on the login form extends the session duration. Instead of expiring after a few hours, the cookie persists for a longer period — usually several days. This is convenient on your personal devices but should be avoided on shared or public computers.
Clearing your browser cookies logs you out of Golden Crown (and most other sites). If you regularly clear cookies for privacy, you will need to log in each time. A password manager makes this painless.
Incognito or private browsing mode does not save cookies after you close the window. This is ideal for logging in on someone else's device — once you close the incognito tab, all session data is wiped. No one can reopen the tab and access your account.
Some browsers offer cookie management per site. In Chrome, for example, you can allow cookies for goldencrown.app while blocking or clearing cookies for other sites. This keeps you logged in to Golden Crown without accumulating tracking cookies from every other website you visit.
If you use multiple browsers — say, Chrome for work and Firefox for personal — your Golden Crown session is independent in each browser. You can be logged in on Chrome and logged out on Firefox at the same time. Each browser maintains its own cookie store.
Enterprise or school-managed browsers may have cookie policies that automatically clear session data at the end of each browsing session. If you find yourself having to log in every single time, this is likely the cause. Using a personal browser or the APK avoids this issue entirely.
A word on third-party cookies: some browsers (notably Safari and Firefox) block third-party cookies by default. Golden Crown's login uses first-party cookies — set by goldencrown.app itself — so this should not affect you. However, if you have a browser extension that blocks all cookies, including first-party ones, you will not be able to stay logged in. Whitelist goldencrown.app in your cookie blocker to fix this.
Pro Tips for a Smooth Login Experience
Use a password manager, enable biometric login on the APK, bookmark goldencrown.app and keep your browser updated. These four steps make login virtually instant.
Tip one: bookmark goldencrown.app in your browser or add the PWA to your home screen. Typing the URL manually every time wastes seconds and introduces the risk of landing on a phishing site with a similar-looking domain.
Tip two: use a password manager. It autofills your credentials in two taps and ensures you are using a strong, unique password. If you are on iOS, iCloud Keychain is built in and works seamlessly with Safari. On Android, Google Password Manager integrates with Chrome and many apps.
Tip three: enable 2FA. It adds a few seconds to the login process but makes your account dramatically harder to compromise. The peace of mind is worth the minor inconvenience, especially when your account holds real A$ funds.
Tip four: keep your browser and operating system updated. Browser updates often include security patches, performance improvements and better support for web technologies like PWA features. An outdated browser is a slower, less secure browser.
Tip five: clear your cache periodically. Over time, cached data can become stale and cause display issues or login loops. A monthly cache clear in your browser settings keeps things running smoothly without much effort.
Tip six: if you play on both desktop and mobile, consider using the same password manager across devices. Most managers — 1Password, Bitwarden, LastPass — sync across platforms, so your Golden Crown login is available whether you are on your laptop, phone or tablet.
Tip seven: if you share a household with another player, make sure each person uses their own account and their own browser profile. Shared logins violate the terms of service and can result in both accounts being restricted. Most browsers support multiple profiles — Chrome, Edge and Firefox all allow you to create a separate profile for each user, complete with its own bookmarks, passwords and cookies.
Tip eight: test your login periodically even when you are not planning to play. If something goes wrong — a compromised password, an expired session, a browser update that breaks autofill — you want to discover it on your own time, not when you are trying to jump into a live tournament with a countdown running.
Login Methods — Email, Social and Biometric
The primary method is email + password. Biometric login (fingerprint/face) is available on the APK. Social login is not currently supported.
The standard login method at Golden Crown is email and password. This works on every platform — desktop browser, mobile browser, PWA and the Android APK. It is the universal method and the one we recommend as your baseline.
Biometric login is available in the Android APK. After your first manual login, the app prompts you to enable fingerprint or face recognition. Once activated, you simply scan your finger or face to get in — no typing required. Biometric data is stored locally on your device and never sent to our servers.
Social login (Google, Facebook, Apple ID) is not currently offered at Golden Crown. Your account is tied to the email address you registered with. If you used a Gmail or iCloud address, that is your login email, but you are not signing in via Google's or Apple's authentication system.
For players who value convenience, the 'Remember me' checkbox on the login form keeps your email pre-filled on that browser. Combined with a saved password in your browser's password manager (or a dedicated manager like 1Password or Bitwarden), logging in is effectively a two-click process.
We strongly recommend using a unique, strong password for your Golden Crown account. If you reuse passwords across sites and one of them gets breached, your casino account could be at risk. A password manager makes this easy — it generates and remembers complex passwords so you do not have to.
A note on password managers: the most popular options in Australia are 1Password, Bitwarden (free and open-source) and the built-in managers in Safari (iCloud Keychain) and Chrome (Google Password Manager). All of them can generate a random 16+ character password and autofill it on goldencrown.app. If you are not using one yet, now is a good time to start — it eliminates the biggest single risk to your account security.
For players who log in on multiple devices — say, a laptop at home and a phone on the go — the experience is seamless. Your account is server-side, so balance, bonuses, game history and settings are identical regardless of which device you use. The only thing that changes is the login method: on the Android APK you can use biometrics, while on a desktop browser you type your password.
Login methods compared
| Method | Available on | Speed | Security level | Setup needed |
|---|---|---|---|---|
| Email + password | All platforms | 10–15 seconds | Standard (strong with 2FA) | None — default method |
| Biometric (fingerprint/face) | Android APK only | 2–3 seconds | High — device-locked biometric | Enable in app settings after first login |
| Password manager autofill | Desktop & mobile browsers | 3–5 seconds | Depends on manager security | Install a password manager; save credentials |
| Remember me + saved password | Desktop & mobile browsers | 5 seconds | Lower on shared devices | Tick 'Remember me'; save password in browser |
Logging In on Mobile — App, PWA and Browser
The login process is identical on mobile. On the APK, you can use biometric login. On the PWA and mobile browser, enter your email and password as usual.
Logging in on mobile follows the same flow as desktop: open goldencrown.app (or launch the APK/PWA), tap Log In, enter your email and password, and you are in. The interface adjusts to your screen size, but the fields and buttons are in the same positions.
On the Android APK, biometric login is the faster option. After your first manual login, the app offers to set up fingerprint or face recognition. Once enabled, a quick scan replaces the password step. Your biometric data stays on your device — we never receive or store it.
For the PWA and mobile browser, your phone's built-in password manager (iCloud Keychain on iPhone, Google Password Manager on Android) can autofill your credentials. If you have saved your Golden Crown login, it is a matter of tapping the email field, selecting the saved entry, and confirming.
One thing to watch on mobile: autocorrect and predictive text can interfere with email and password fields. If login keeps failing, try disabling autocorrect temporarily or switching to a text field that does not suggest completions.
Session behaviour on mobile is the same as desktop. If you leave the app or browser in the background for a while, you may need to re-enter your credentials when you come back. The APK is slightly more forgiving here — it keeps the session alive longer than a browser tab.
If you switch between Wi-Fi and mobile data mid-session — say, walking from your house to the car — the session usually survives the network change. In rare cases, the IP address change may trigger a re-authentication prompt. If that happens, just enter your credentials again and you are back.
Tablet users get the same login experience as phone users, but with more screen real estate. The login form and the lobby both benefit from the larger display. If you primarily play on an iPad, the PWA in full-screen mode is virtually indistinguishable from a native app.
For players who want the fastest possible login on Android, set up biometric authentication in the APK immediately after your first manual login. Combined with the APK's instant launch, you can go from tapping the icon to spinning a pokie reel in under five seconds.
Account Security — Keeping Your Login Safe
Use a strong unique password, enable 2FA, and never share your credentials. Golden Crown uses 256-bit SSL encryption and hashed password storage.
Your Golden Crown account holds real money, so treating it with the same care as your online banking makes sense. Start with a strong, unique password — one that you do not use anywhere else. If remembering complex passwords is a hassle, a password manager takes care of it.
Two-factor authentication is the single biggest upgrade you can make to your account security. When 2FA is enabled, anyone who gets hold of your password still cannot log in without the one-time code. We offer email-based OTP — a six-digit code sent to your registered email each time you log in from a new device or after a session expires.
On the server side, we store passwords as salted hashes, not in plain text. Even in the unlikely event of a database breach, your actual password is not exposed. All communication between your device and our servers is encrypted with 256-bit SSL, the same standard used by major Australian banks.
Session management adds another layer. Sessions expire after extended inactivity, and logging in from a new device triggers a notification to your email. If you did not initiate that login, you know immediately that something is off and can change your password.
Phishing is a real threat. We will never ask for your password via email, live chat or phone. If you receive a message claiming to be from Golden Crown asking you to 'verify your account' by clicking a link, it is a scam. Always navigate directly to goldencrown.app rather than clicking links in emails.
Check the URL bar before entering your credentials. The legitimate address is goldencrown.app — look for the padlock icon and the exact domain name. Phishing sites often use similar-looking domains like goldencrown-app.com or golden-crown.casino. If the domain does not match exactly, do not enter your password.
If you believe your password has been compromised, change it immediately. Go to Account Settings, then Security, then Change Password. Enter your current password, then your new one. If you cannot log in because the attacker already changed the password, use the Forgot Password flow or contact support via live chat for emergency account lockdown.
Session security on public Wi-Fi is worth mentioning. When you log in over an unsecured Wi-Fi network — at a cafe, airport or hotel — there is a theoretical risk of session interception. Golden Crown uses HTTPS (SSL/TLS encryption) on all pages, which mitigates this risk significantly. For extra peace of mind, use a VPN when playing on public networks.
We also recommend reviewing your account activity periodically. Under Account Settings you can see a log of recent logins including the device, browser and approximate location. If you spot a login you do not recognise — different city, unfamiliar device — change your password immediately and notify support. Early detection is the best defence against unauthorised access.
Password expiry is not enforced by default at Golden Crown. Your password remains valid until you change it. However, if there is a security incident affecting a large number of accounts (which has not happened, but preparation matters), we may require all users to reset their passwords. You would be notified via email with clear instructions.
Security essentials
- Use a unique password for your Golden Crown account — do not reuse passwords from other sites.
- Enable two-factor authentication in your account settings for an extra layer of protection.
- Never share your login credentials with anyone, including people claiming to be Golden Crown staff.
- Always log out manually when using shared or public devices.
- Golden Crown will never ask for your password via email, chat or phone. Any such request is a phishing attempt.
Frequently Asked Questions
You need the email address and password you used when you registered. If you have two-factor authentication enabled, you also need the one-time code sent to your email. That is all — no special software or token required.
Click 'Forgot Password?' on the login page, enter your registered email and check your inbox. Click the reset link, choose a new password and log in. The link expires after 60 minutes, so do not leave it too long.
Check that Caps Lock is off and there are no extra spaces in the email or password field. Clear your browser cache and cookies, then try again. If it still fails, reset your password — it is the fastest fix.
A VPN may cause issues if the exit node is in a restricted jurisdiction. If login fails while connected to a VPN, try disconnecting it or switching to a different server location.
Yes, on the Android APK. After your first manual login, the app offers to set up fingerprint or face recognition. Biometric data stays on your device and is never sent to Golden Crown servers.
Open goldencrown.app in your browser and use the live chat widget on the login page — you do not need to be logged in to access it. Alternatively, email [email protected] with your registered name and email address.
