A Master Key is a security feature that can be used to recover account access in case you lose login credentials, as well as prevent an attacker from compromising your account.
Enabling a Master Key allows you to:
- Bypass Two-factor Authentication (2FA) for login even if you lose access to your Two-factor Authentication method.
- Turn off the Global Settings Lock (GSL) on your account, if the unlock timeout is set to 0 or you want to turn off the GSL immediately.
- Prevent a password reset, even if your email account is compromised.
How do I set up a Master Key?
You can set up a Master Key by logging in to your Kraken account and clicking on the “Security” tab. Next, click the "On/Off" dial under “Master Key” and choose the method you want to use. Follow the guides below, depending on the method you choose, for how to set it up:
- Static password (least secure)
- Authenticator app (more secure)
- Yubikey device (most secure)
Should I set up a Master Key?
We recommend setting up a Master Key in combination with other security features on your Kraken account, such as Two-factor Authentication and the Global Settings Lock. The Master Key is a useful account security feature and we recommend setting it up using an Authenticator app or a Yubikey.
Security Tip: The Master Key on your account, regardless of the method you choose to use, should be uniquely created and not used for any other purpose. Master Keys should also be kept separate from any account login information, as storing this information together would create a security threat to your account.