What is a Master Key?
A Master Key is an additional password that allows you to:
- Prevent an unwanted password reset, even if your email account is compromised (If enabled, the Master Key is required to reset your Kraken sign-In password).
- Bypass sign-in Two-factor Authentication (2FA) if you lose access to it (for this reason, sign-in 2FA and Master Key should always be kept separate).
- Turn off the Global Settings Lock (GSL) immediately if enabled on your account.
Note: Master Key should not be confused with sign-in Two-factor Authentication (2FA).
We recommend setting up a Master Key in combination with other security features.
What methods are available to use as your Master Key?
- Hardware Security Key (most secure) A USB device that you insert into your computer which generates a unique passcode every time you touch or tap the device. This unique passcode would be, in this case, your Master Key and it would change with every use.
- Authenticator app (moderately secure) Usually installed on a smartphone and generates a 6-8 digit passcode every 30 seconds. As with a Hardware Security Key, this unique passcode would be your Master Key and would change with each use.
- Static password (least secure; not recommended) To be used if you want your Master Key to be a text password of your choice. As a static password does not change with each use, it’s less secure than the other options and should be long and complex enough not to be guessed.
How do I set up a Master Key?
On Kraken Classic:
- Click on your name in the upper-right corner of the page.
- Click on Security.
- Click on 2FA Settings.
- Click the On/Off toggle in the Master Key section and choose the method you want to use.
On Kraken Pro:
- Click on your name in the upper-right corner of the page.
- Click on Settings.
- Click on the Security tab.
- Click the On/Off toggle in the Master Key section and choose the method you want to use.
You can not set up a Master Key on the Kraken interface. Which Kraken interface am I on?
REMINDER
The Master Key should be kept separate from account sign-in information or any other 2FAs, as storing this information together would create a security threat to your account.
For example, if you use a Hardware Security Key for sign-in 2FA, we advise to then use an authenticator app or a different Hardware Security Key for the Master Key.