Coinbase said the emails were "not the result of malicious behavior".
Two-factor authentication requires users to enter information, such as a text code, in addition to a password.
The alert also alerted many users, who feared that their accounts had been hacked.
In most circumstances, only someone with account access could change their two-factor authentication settings.
"I received the answer and panicked someone who accessed my account or made withdrawals," a user wrote in a tweet.
The company stated that the error was caused by a problem with its notification system.
Coinbase apologized on social media, saying it focused on building trust and "that such issues can affect that trust."
"Yesterday, from 13:45 PST to 15:07 PST, Coinbase sent approximately 125,000 erroneous notifications to customers that their 2FA settings had changed."