Features
Getting Started
  • Security
  • Fee Structure
  • Funding Options
  • Staking
  • 24/7 Support
  • Liquidity
    • Advanced
  • Margin Trading
  • Indices
  • Futures
  • OTC
  • Account Management
  • Cryptowatch
    • Prices
    Learn
  • Crypto Guides
  • Videos
  • Podcast
    • Support Futures Institutions Contact Support
    Español Français Italiano 日本語 Português
    Support

    How can we help?

    Using a Security Key for two-factor authentication (2FA)

    1. Kraken
    2. Account Security & Verification
    3. Account Security
    4. Two-factor authentication (2FA) Troubleshooting

    A Security Key is a small physical device used for additional security next to your password and is considered to be one of the most secure ways of two-factor authentication (2FA). Most Security Keys are very simple and you only need to touch or tap a button while it is plugged into the USB port of your device.

    At this moment only sign-in 2FA can be secured with both FIDO2 and Yubico OTP protocols. We expect to support FIDO2 for all 2FA functions in the near future.

    Functions Available Security Key protocols
    Sign-in 2FA FIDO2, Yubico OTP
    Trading 2FA None
    Funding 2FA Yubico OTP
    Master Key Yubico OTP

    Each function needs to be set up separately. To learn more about the 2FA functions above, you can review this support article.

    Security Keys frequently asked questions:

    Why should I use a Security Key instead of an authenticator app?
    • Simplicity
      All you need to do with a Security Key is plug it into, or hold it against your device and touch or tap a button. No need to copy a passcode from an authenticator app or worry about your device's battery running out.
    • Security
      OTP’s generated by a Security Key are significantly longer than those from an authenticator app (44 characters versus 8 or less characters). FIDO2 adds additional security on top of this, because the protocol will only respond to a challenge from the website that you registered it on, and will therefore prevent phishing
    • Harder to lose
      We see a lot of tickets at Kraken Support because someone lost their phone. In our experience, it is less likely to lose a device specifically used for 2FA than a phone that is carried around all the time.
    • Privacy
      Even if you lose your Security Key, it has no identifiable information about what it is used for or who it belongs to. In contrast, an authenticator app mentions the website name and some identifiable account information because the passcode needs to be manually read by a human.

    Where can I get a Security Key?

    Some of the most popular FIDO2 Security Key providers are:

    Each has their own advantages and disadvantages. Some are multifunctional, and also serve as a cryptocurrency wallet, while others are specialized in providing security above everything else.

    It is up to you which provider you choose, we recommend starting with searching “fido2 security key comparison” in your preferred search engine or picking one of the popular Security Key providers we mentioned earlier.
    How to set up a Security Key on Kraken
    1. Make sure your Security Key is compatible with Yubico OTP or FIDO2.
      Review this article for YubiKey compatibility.
    2. Navigate to the 2FA settings of your account
      2FA_Security.png
    3. Decide the function you want to enable 2FA for, by clicking the Change method link or switch.
    4. Select the Security Key menu and click on the Set up key button.
      Security_2FASetupSecurityKey_03302022.png
    5. Insert your Security key into your device.
      Some Security keys will instead require you to hold it against your device. 
      Security_InsertSecurityKey_032522.png
    6. Click confirm on the following screen.
      Security_AllowSecurityKey_032522.png
    7. Congratulations, you have secured your Kraken account!
    How to update Sign-in 2FA from YubiKey OTP to a FIDO2 Security Key

    Updating your Sign-in 2FA from a Security Key that uses YubiKey OTP to a Security Key that uses FIDO2 takes less than a minute!

    1. Sign into your Kraken account and navigate to your 2FA settings.2FA_Security.png
    2. Select Change method in the Sign-in section and then use your current YubiKey to authorize this change.
    3. Select the Security Key menu and then select the Set up key button.Security_2FASetupSecurityKey_03302022.png
    4. Insert your FIDO2 Security Key into your device.
    5. Select allow on the following screen.
    6. Congratulations, your FIDO2 Security Key is now enabled as Sign-in 2FA for your Kraken account! You have the highest level of security available to protect unauthorized access to your account.
    I lost my Security Key!
    If you no longer have access to your Security Key, please fill out this form.
    What is a FIDO2 PIN?
    Depending on the device you use, you may be prompted to set or use a PIN when using a FIDO2 key.

    For an overview on how to set or use a PIN you can visit the website of your Security Key manufacturer. For example, if your Security Key is a YubiKey, you can find more information on how to manage your Security Key's PIN on Yubico's website.
    Was this article helpful?

    Related articles

      Need more help?
    • Chat directly with one of our support specialists.
      • Chat now
      Prefer talking?
    • Our dedicated support specialists are here to help 24/7.
      • Phone Support