A Security Key is a small physical device used for additional security next to your password and is considered to be one of the most secure ways of two-factor authentication (2FA). Most Security Keys are very simple to use and you only need to touch or tap a button while it is plugged into the USB port of your device.
Kraken supports Security Keys that use Yubico OTP or FIDO2 protocols.
We recommend FIDO2, however Yubico OTP is also secure.
Only sign-in 2FA can be secured with a FIDO2 Security Key at this moment. However, funding 2FA and the Master Key can be secured with a YubiKey. For trading 2FA you will need to use either an authenticator app or a static password. We expect to support FIDO2 for most 2FA functions in the near future.
What is Yubico OTP?
What is FIDO2?
Why should I use a Security Key instead of an authenticator app?
- SimplicityAll you need to do with a Security Key is plug it into, or hold it against your device and touch or tap a button. No need to copy a passcode from an authenticator app or worry about your device's battery running out.
- SecurityOTP’s generated by a Security Key are significantly longer than those from an authenticator app (44 characters versus 8 or less characters). FIDO2 adds additional security on top of this, because the protocol will only respond to a challenge from the website that you registered it on, and will therefore prevent phishing.
- Harder to loseWe see a lot of tickets at Kraken Support because someone lost their phone. In our experience, it is less likely to lose a device specifically used for 2FA than a phone that is carried around all the time.
- PrivacyEven if you lose your Security Key, it has no identifiable information about what it is used for or who it belongs to. In contrast, an authenticator app mentions the website name and some identifiable account information because the passcode needs to be manually read by a human.
Where can I get a Security Key?
Some of the most popular FIDO2 security key providers are: