What is 2FA
Two-factor Authentication (2FA) is an extra layer of security for your Kraken account that can be utilized to:
✓ ensure that you are the only person who can login to your account
How 2FA works
When enabled, 2FA requires an extra passcode when logging in, depositing, withdrawing, or trading. This extra passcode can be stored in an app on your phone (in which the passcode changes every 30 seconds) or in a small USB device like the Yubikey (in which the passcode changes after each use).
This makes things much harder for potential attackers, as they would not only need your username and password, but also be in possession of your 2FA device (phone or Yubikey).
Functions are all the different actions you can enable 2FA for.
To learn more about the 2FA functions and how to set them up, see these specialized guides:
- How does 2FA for Login work? (required)
- How does 2FA for Deposits & Withdrawals work? (optional; needs GSL*)
- How does 2FA for Trading work? (optional; needs GSL*)
- What is a Master Key? (used to remove the GSL)
*Important: Without the GSL, these 2FA functions can be removed if your account login is compromised. Enable the GSL after you've finished setting up all your desired 2FAs and Master Key.
Only login 2FA does not require the GSL in order to be effective.
Each function can have 2FA enabled using one of three different methods.
For example, you may chose to use the Yubikey method for the Login function because Yubikeys are the most convenient (and secure) to use on a day-to-day basis.
Then for your Master Key function, which is only needed in the rare case when you've lost your Login 2FA or need to remove the GSL, you may chose to use the Authenticator App method because it is less convenient to use and not needed as frequently.
The 2FA device and/or method used for the Master Key must be different from the one used for your Login 2FA, otherwise it defeats the purpose of the Master Key.
It's ok to use an authenticator app for both Login 2FA and the Master Key only if they are on separate phones (or other devices).
To learn more about the 2FA methods and how to set them up, see these specialized guides:
|Method||Device||Security level||Setup instructions|
|Yubikey||Yubikey||Most secure||Click here|
|Authenticator app||Phone or laptop||Moderately secure||Click here|
|Static password||N/A||Least secure