So sicherst du dein Konto mit der Zwei-Faktor-Authentifizierung (2FA)

Die Zwei-Faktor-Authentifizierung (2FA), manchmal auch Multi-Faktor-Authentifizierung (MFA) genannt, ist eine zusätzliche Sicherheitsebene für dein Kraken Konto.

Kraken unterstützt zwei 2FA-Methoden:

2FA mit einem Passkey (am sichersten)

Ein Passkey ist ein kleines physisches Gerät, das neben deinem Passwort für zusätzliche Sicherheit sorgt und als eine der sichersten 2FA-Methoden gilt. Die meisten Passkeys sind sehr einfach und du musst nur eine Taste antippen, während sie in den USB-Port deines Geräts eingesteckt sind.

Zurzeit kann nur die Sign-in 2FA mit den Protokollen FIDO2 und Yubico OTP gesichert werden. Wir gehen davon aus, dass wir in naher Zukunft FIDO2 für alle 2FA-Funktionen unterstützen werden.

Eine Authenticator App (mäßig sicher) Eine Authenticator App wird normalerweise auf einem Smartphone installiert und generiert alle 30 Sekunden einen 6-8-stelligen Code. Der Code kann für Anmeldung, Trading, Einzahlung und Auszahlung von Mitteln auf deinem Konto oder als Master Key (https://support.kraken.com/hc/en-us/articles/360000444923-What-is-a-Master-Key-) verwendet werden.

Hinweis: Die 2FA muss für jede dieser Aktionen separat eingerichtet werden.

So sicherst du dein Konto mit einem Passkey Vergewissere dich, dass dein Sicherheitsschlüssel mit Yubico OTP oder FIDO2 kompatibel ist (https://support.kraken.com/hc/articles/360001363963).

A Passkey is a small physical device used for additional security next to your password and is considered to be one of the most secure methods of 2FA. Most Passkeys are very simple and you only need to touch or tap a button while it is plugged into the USB port of your device.

At this moment only sign-in 2FA can be secured with both FIDO2 and Yubico OTP protocols. We expect to support FIDO2 for all 2FA functions in the near future.

An authenticator app is usually installed on a smartphone and generates a 6-8 digit code every 30 seconds. The code can be used for signing in, trading, depositing or withdrawing funds from your account or as a Master Key. Note: 2FA for each of these account actions needs to be setup separately.

Wähle Einstellungen und klicke dann auf Sicherheit.

Make sure your Security Key is compatible with Yubico OTP or FIDO2.

  1. 1

    Sign in to your Kraken account and select your name in the upper-right corner of the page.

  2. 2

    Select Settings and click on Security

  3. 3

    Decide which function you want to set up with a Passkey. Select the OFF/ON toggle under the desired function (Sign-in, Master key, Funding) or select Change method if you currently have 2FA set up and you would like to change it.

  4. 4

    Select Passkey.

    KrakenPro_2FASign-in.png
  5. 5

    Select the Security Key menu and click on the Set up key button.

    KrakenPro_2FAEnableSecurityKey.png
  6. 6

    Insert your Security key into your device. Some Passkeys will instead require you to hold it against your device.

    KrakenPro_USBKey.png
  7. 7

    Click Allow on the following screen.

    KrakenPro_Allow.png
  8. 8

    Touch your Security Key.

    image8.png
  9. 9

    Congratulations, you have secured your Kraken account!

  1. 1

    Sign in to your Kraken account and click the profile icon in the upper-right corner of the page. Then, select Settings and then click Security.

  2. 2

    Decide which function you want to set up 2FA for. Then, select the OFF/ON toggle under the desired function (Sign-in, Master key, Funding, Trading) or select Change method if you currently have 2FA set up and you would like to change it.

  3. 3

    Select Authenticator app.

    KrakenPro_2FASignin.png
  4. 4

    Open the authenticator app on your device and either scan the QR code provided or manually enter the setup key. 2FA that uses the authenticator app method can be backed up by storing the setup key.

    KrakenPro_AuthenticatorAppQR.png
  5. 5

    Enter the numeric code that appears in your authenticator app and click the Confirm button.

  6. 6

    If you set up sign-in 2FA, you will see "2FA app" appear under authentication method.

    KrakenPro_2FA.png

    If you set up funding 2FA, trading 2FA, or Master Key 2FA, the "On/Off" dial will be toggled to the on position to the right. In all cases, 2FA app will be shown as the method.

  7. 7

    Congratulations, you have secured your Kraken account!

Each function can have 2FA enabled using different methods. For example, you may choose to use the Passkey method for the sign-in function because Passkeys are the most convenient and secure to use in daily life. Then for your Master Key function, you may choose to use the authenticator app method because it is less convenient to use and not needed as frequently. The Master Key is only needed in the rare case when you've lost your sign-in 2FA, have to change your password or need to remove the GSL immediately.Having sign-in 2FA and the Master Key on the same device cancels out the security that these functions guarantee when kept separate. The 2FA method used for the Master Key should be different from the one used for your sign-in 2FA, otherwise it defeats the purpose of the Master Key.

  • Simplicity All you need to do with a Passkey is plug it into, or hold it against your device and touch or tap a button. No need to copy a passcode from an authenticator app or worry about your device's battery running out.

  • Security OTP’s generated by a Passkey are significantly longer than those from an authenticator app (44 characters versus 8 or less characters). FIDO2 adds additional security on top of this, because the protocol will only respond to a challenge from the website that you registered it on, and will therefore prevent phishing.

  • Harder to lose We see a lot of tickets at Kraken Support because someone lost their phone. In our experience, it is less likely to lose a device specifically used for 2FA than a phone that is carried around all the time.

  • Privacy Even if you lose your Passkey, it has no identifiable information about what it is used for or who it belongs to. In contrast, an authenticator app mentions the website name and some identifiable account information because the passcode needs to be manually read by a human.

Brauchst du Hilfe?