Two-factor Authentication (2FA) is an extra layer of security for your Kraken account that can be utilized to:
✓ ensure that you are the only person who can access your account
✓ ensure you are the only person who can perform account actions such as depositing, withdrawing, or trading
When enabled, 2FA requires an extra passcode when logging in, depositing, withdrawing, or trading. This extra passcode is usually stored in an app on your phone and is regenerated every 30 seconds. Alternatively, you can use a physical security key solution such as Yubikey.
This makes things much harder for potential attackers, as they would not only need your username and password, but also be in possession of your 2FA device (phone or Yubikey).
Learn more about the 2FA functions and how to set them up:
- How does 2FA for Login work? (highly recommended)
- How does 2FA for Deposits & Withdrawals work? (optional + requires GSL)
- How does 2FA for Trading work? (optional + requires GSL)
- What is a Master Key? (optional + requires GSL)
Important: for 2FA to be effective for deposits, withdrawals, and trading, you need to enable the Global Settings Lock (GSL).
Only login 2FA does not require GSL in order to be effective.
2FA Methods
Learn more about the 2FA methods and how to set them up:
| Method | Security level | Learn to set it up |
| Yubikey | Most secure | Click here |
| Authenticator app | More secure | Click here |
| Static password | Least secure | Click here |