Two-factor Authentication (2FA) is an extra layer of security for your Kraken account that can be utilized to:
✓ ensure that you are the only person who can access your account
✓ ensure you are the only person who can perform account actions such as depositing, withdrawing, or trading
When enabled, 2FA requires an extra passcode when logging in, depositing, withdrawing, or trading. This extra passcode can be stored in an app on your phone (in which the passcode changes every 30 seconds) or in a small USB device like the Yubikey (in which the passcode changes after each use).
This makes things much harder for potential attackers, as they would not only need your username and password, but also be in possession of your 2FA device (phone or Yubikey).
Learn more about the 2FA functions and how to set them up:
- How does 2FA for Login work? (highly recommended)
- How does 2FA for Deposits & Withdrawals work? (optional + requires GSL)
- How does 2FA for Trading work? (optional + requires GSL)
- What is a Master Key? (optional + requires GSL)
Important: For 2FA to be effective for deposits, withdrawals, and trading, you need to enable the Global Settings Lock (GSL). Without the GSL, they can be removed.
Only login 2FA does not require GSL in order to be effective.
2FA Methods
Learn more about the 2FA methods and how to set them up:
| Method | Security level | Learn to set it up |
| Yubikey | Most secure | Click here |
| Authenticator app | Moderately secure | Click here |
| Static password | Least secure (not recommended) |
Click here |