A passkey is a digital credential stored on your device used for additional security next to your password and is considered to be one of the most secure methods of 2FA. Passkeys can be used to satisfy sign-in 2FA, securely logging you into your account by using biometric authentication like a fingerprint or face scan, or a screen lock PIN.

The available options are:

Passkeys:

Hardware Security Key:

An authenticator app is usually installed on a smartphone and generates a 6-8 digit code every 30 seconds. The code can be used for signing in, trading, depositing or withdrawing funds from your account or as a Master Key. 

Note: 2FA for each of these account actions needs to be set up separately.

2FA ensures that:

✓ Unauthorized access is stopped if your username and password are stolen.

✓ Your account can only be accessed by the holder of the device that has the 2FA code.

✓ Every time you sign in, your device creates a unique passcode that is required for accessing your account.

✓ Once signed in, you are the only person who can perform certain actions such as trading, withdrawing or depositing.

2FA requires an extra passcode when signing in, trading, withdrawing or depositing. This passcode can be stored in an authenticator app on your phone where the passcode changes every 30 seconds. Or in a Hardware Security Key where the passcode changes after each use and can even recognize the website that you are trying to sign into.Enabling sign-in 2FA also activates Step-up 2FA. This is an extra step that is required anytime that 2FA settings on your account are added, edited or removed.

Once a change to your Kraken account is requested, a popup window will appear to confirm your sign-in 2FA again via the 6-digit code from your authenticator app or via your Hardware Security Key. Without the Step-up 2FA code no changes can be made, even if somebody managed to sign into your account without your permission.