All
Filter by:
How do I deposit cash into my account?
I need help with account verification
Why can't I access my account?
Are there any crypto withdrawal fees?
I need help signing into my account
Secure your account with two-factor authentication (2FA)
Last updated: Aug 5, 2025
Two-factor authentication (2FA) is an extra layer of security for your Kraken account. When sign-in 2FA is enabled, gaining access to your account will require your email/username, password and the 2FA passcode.
A passkey is a digital credential stored on your device used for additional security next to your password and is considered to be one of the most secure methods of 2FA. Passkeys can be used to satisfy sign-in 2FA, securely logging you into your account by using biometric authentication like a fingerprint or face scan, or a screen lock PIN.
Additional reading:
An authenticator app is usually installed on a smartphone and generates a 6-8 digit code every 30 seconds. The code can be used for signing in, trading, depositing or withdrawing funds from your account or as a Master Key. Note: 2FA for each of these account actions needs to be setup separately.
Additional reading:
✓ Unauthorized access is prevented if your email/username and password are compromised.
✓ Your account can only be accessed by the holder of the device that has the 2FA code.
✓ Every time you sign in, the Passkey or authenticator app creates a unique passcode that is required for accessing your account.
✓ Once signed in, you are the only person who can perform certain actions such as trading, withdrawing or depositing.
Important: We highly recommend enabling Passkeys over any other 2FA method.
Additional reading:
- What is a Passkey?
- Risks of using an Authenticator App
- How to enable multiple two-factor authentication on Kraken
- How does two-factor authentication (2FA) for sign-in work?
- How does two-factor authentication (2FA) for trading work?
- How does two-factor authentication (2FA) for funding (deposits & withdrawals) work?
When enabled, 2FA will prompt you for an additional, unique passcode when signing in, trading, withdrawing or depositing.
2FA can be set up as:
- A Passkey which utilizes phishing-resistant FIDO2 security and is only ever stored on the device it was enabled on. This could use your device biometrics (fingerprint or face ID) or by using a Hardware Security Key.
- An authenticator app on your mobile device where the passcode changes every 30 seconds.
Enabling sign-in 2FA also activates Step-up 2FA. This is an extra step that is required anytime that 2FA settings on your account are added, edited or removed. Once a change to your Kraken account is requested, a popup window will appear to confirm your sign-in 2FA. Without the Step-up 2FA code no changes can be made, even if somebody managed to sign into your account without your permission.
Additional reading:
These functions are all the different actions you can enable 2FA for. To learn more about the 2FA functions and how to set them up, refer to the following articles:
- How does 2FA for sign-in work?
- How does 2FA for trading work?
- How does 2FA for withdrawals & deposits work?
- What is a Master Key?
Tip: Trading and Funding 2FA are only effective when used in tandem with Step-up 2FA or the Global Settings Lock (GSL). Only enable the GSL after you have enabled a Master Key.