How to enable multiple two-factor authentication on Kraken web refresh

Last updated: 26. 5. 2025

Kraken web's design is being updated. If the steps in this article look different to your user interface, visit our original article.

The first sign-in two-factor authentication (2FA) method to be enabled on a Kraken account, must be a Roaming 2FA.

You can only have a single Device-Bound (non-roaming) Passkey enabled if Roaming 2FA is also enabled. This is to ensure you are not limited to the one device that the Passkey was created on, avoiding future account access issues.

To enable multiple 2FA:

1
Click on your profile icon in the bottom left corner of the page and select Security.

The available options are:

Passkeys :

•
Click Add a Passkey or a pop-up will appear.
Choose either:
Cross-Device phone/tablet:
a) Enable Bluetooth on both devices
b) Scan the QR code using the phone or tablet’s camera (not an app)
c) From your mobile device, follow the onscreen instructions (remembering to click Save).

Hardware Security Key:

•
Insert your Security Key into your device and touch it.
•
Follow the onscreen instructions to confirm the update.

Authenticator App:

•
Click Enable.
•
Scan the QR code or enter the set-up key into your chosen Authenticator App.
•
Follow the onscreen instructions and click Continue.

Note: If you previously enabled a legacy 2FA method such as a YubiKey or a Static Password, these methods are considered Roaming 2FAs but are no longer recommended by Kraken. It is strongly advised you update any legacy 2FA methods to a more secure option.

Once the initial sign-in 2FA is setup you can enable:

•
Up to one Authenticator App
•
Up to five Passkeys

How to create Passkeys on a phone or tablet

Ensure Bluetooth is enabled on both devices.

The steps below may look different depending on your browser.

1
You will first need to sign in via your desktop browser on Kraken.
2
In the bottom left corner click on your profile icon. Then click Security.
3
Scroll down to the sign-in 2FA table. Click Add a Passkey.
4
A pop-up will appear "Create a passkey for kraken.com". Click Use a different passkey.
5
Click Use a phone, tablet or security key.
6
Scan QR code and follow the instructions on your device.

How to create Passkeys with a Hardware Security Key

1
Sign in to your account.
2
In the bottom left corner click on your profile icon. Then click Security.
3
Click Add a Passkey.

A pop-up will appear "Create a passkey for kraken.com".
4
Insert and touch the Hardware Security Key. Click Allow.

How to create a Device-Bound Passkey

1
Sign in to your account.
2
In the bottom left corner click on your profile icon. Then click Security.
3
Click Add a Passkey and a pop-up will appear "Create a passkey for kraken.com".
4
Click Continue.
5
Note: The Device-Bound feature may not be available on certain browsers, e.g. Safari Browser. Instructions can vary across devices or browsers.

Personalize the 2FA Description

When sign-in 2FA, Master Key and/or Passkeys are created, a default description will be automatically assigned. You will be able to edit the description to something more personal and memorable.

To edit the description:

1
Click Edit next to the 2FA method.
2
Enter a new description in the field and click Update Method.
The maximum description length is 256 characters.

It is currently not possible to edit descriptions for Funding and Trading 2FA, nor with legacy sign-in 2FA methods.

Delete 2FA

To delete a 2FA method, click on the Delete button next to the 2FA method. If you need to change a Passkey you will need to delete the one you wish to change and then enable the new Passkey.

Note: There must always be at least one Roaming 2FA method enabled.

What if I want to change my only 2FA method?

If you only have one sign-in 2FA or Passkey method enabled, to update or change it you must first enable another Cross-Device Passkey before deleting, updating or changing the original method.

For example, if you have an Authenticator App enabled as your sign-in 2FA and wish to update it: