A Master Key is an additional password that allows you to:

• Prevent an unwanted password reset, even if your email account is compromised (If enabled, the Master Key is required to reset your Kraken Sign-In Password).
• Bypass Sign-in Two-factor Authentication (2FA) if you lose access to it (for this reason, Sign-in 2FA and Master Key should always be kept separate).
• Turn off the Global Settings Lock (GSL) immediately if enabled on your account.

Note: Master Key should not be confused with Sign-in Two-factor Authentication (2FA).

We recommend setting up a Master Key in combination with other security features. 

What methods are available to use as your Master Key? 

• YubiKey device (most secure) A USB device that you insert into your computer which generates a unique passcode every time you touch or tap the device. This unique passcode would be, in this case, your Master Key and it would change with every use.
• Authenticator app (moderately secure) Usually installed on a smartphone and generates a 6-8 digit passcode every 30 seconds. As with a Yubikey, this unique passcode would be your Master Key and would change with each use.
• Static password (least secure; not recommended) To be used if you want your Master Key to be a classic password of your choice. Being a static password that doesn’t change with each use, it’s less secure than the other options and should be long and complex enough not to be guessed.

How do I set up a Master Key?

• Sign into your Kraken account.
• Click on your name in the upper-right corner of the page.
• Click on “Security”.
• Click on "2FA Settings".
• Click the “On/Off” dial in the “Master Key” section and choose the method you want to use.

REMINDER: The Master Key should be kept separate from account sign-in information or any other 2FAs, as storing this information together would create a security threat to your account.

For example, if you use a YubiKey for Sign-In 2FA, then use an authenticator app or a different YubiKey for the Master Key.