Two-factor authentication (2FA) is an extra layer of security for your Kraken account. While using sign-in 2FA, gaining access to your account will require your username, password and an additional passcode that can only be created from a physical device that you own.
To learn more about the sign-in 2FA method, check out this article: How does 2FA for sign in work?
Why use 2FA?
✓ Unauthorized access is stopped if your username and password are stolen.
✓ Your account can only be accessed by the holder of the device that has the 2FA code.
✓ Every time you sign in, your device creates a unique passcode that is required for accessing your account.
How 2FA works
Without the Step-up 2FA code no changes can be made, even if somebody managed to sign into your account without your permission.
Adding 2FA and signing into your account with 2FA
The difference between sign-in 2FA, trading 2FA, funding 2FA and the Master Key
To learn more about the 2FA functions and how to set them up, check out these articles:
Tip: Enable the GSL after you have enabled 2FA functions.
Authenticator app versus Security Key
For example, you may choose to use the Hardware Security Key method for the sign-in function because Hardware Security Keys are the most convenient and secure to use in daily life.
Then for your Master Key function, you may choose to use the authenticator app method because it is less convenient to use and not needed as frequently. The Master Key is only needed in the rare case when you've lost your sign-in 2FA, have to change your password or need to remove the GSL immediately.
Having sign-in 2FA and the Master Key on the same device cancels out the security that these functions guarantee when kept separate. The 2FA method used for the Master Key should be different from the one used for your sign-in 2FA, otherwise it defeats the purpose of the Master Key.
If you use separate devices you could use an authenticator app for both functions as each app will generate a different code.
To learn more about the 2FA methods and how to set them up, check out these articles: