Was ist der Global Settings Lock (GSL)?

Das Global Settings Lock (GSL) fungiert, wenn es aktiviert ist, als letzte Möglichkeit, wenn dein Sign-in-Passwort und dein Sign-in 2FA kompromittiert werden.

Der GSL:

  1. 1

    verhindert, dass Änderungen an deinem Kraken Konto vorgenommen werden.

  2. 2

    blendet sensible Kontoinformationen aus.

Du wirst auch per E-Mail benachrichtigt, wenn du versuchst, GSL auf deinem Konto zu entsperren. Je nach Einstellungen dauert eine GSL-Entsperrung ohne Master Key mindestens 24 Stunden (oder bis zu 30 Tage). So hast du Zeit, Maßnahmen zu ergreifen, falls es zu einem Kompromiss kommt.

Frequently asked questions

Since the entire purpose of the GSL is to prevent account changes, the GSL should be enabled once you have finished setting up, verifying, and customising your account. The GSL is particularly useful when you're on vacation or not planning to use your Kraken account for a while. However, the GSL is still important even for regular, active clients. Without the GSL enabled, an attacker who gains access to your account can turn off or change Two-factor Authentication (2FA) for sign-in, funding, trading and the Master Key.

For example, you may have set up trading 2FA, but if an attacker compromises your account and you did not have the GSL on, they can simply turn the trading 2FA off and then proceed to perform trades on your account. Learn how to setup the Global Settings Lock, click here.

The GSL can be enabled on the Settings tab of Kraken accounts, along with an option to set the waiting period for the unlock process.

To remove the GSL, a request needs to be made again on the Settings tab. The set number of days will then need to pass before the unlock will be complete. 

An email notification is sent as soon as an unlock request is made.

Master Key override

A Master Key (if set up prior to the GSL) can be used to immediately remove the GSL.

While the Master Key override option can be convenient, it comes with an increased security risk if your Master Key is compromised.

GSL Hides:

  • Security page

  • Documents page

  • Email Address

GSL Shows:

  • Trading & ledger history

  • Balances

GSL Prevents:

  • Adding withdrawal bank account

  • Adding withdrawal address (crypto)

  • Increasing your verification level

  • Changing your password (while logged in)

  • Changing your email address

  • Adding or changing any 2FA

  • Adding or changing the master key

  • Adding or changing the PGP public key

  • Adding or changing API keys

Suppose, for example, that you turn on the GSL with the unlock process set to take seven days.

An attacker then compromises your computer and logs in to your Kraken account.

The attacker attempts to add their own Bitcoin withdrawal address to your account to steal your funds. When the attacker realizes that they cannot add a withdrawal address because the GSL is on, the attacker requests to unlock your settings. 

You immediately receive an email notification of the unlock request, and have seven days to sign in, re-lock the GSL, and contact Kraken Support.

Brauchst du Hilfe?