Features
Getting Started
  • Security
  • Fee Structure
  • Funding Options
  • Staking
  • 24/7 Support
  • Liquidity
    • Advanced
  • Margin Trading
  • Indices
  • Futures
  • OTC
  • Account Management
  • Cryptowatch
    • Prices
    Learn
  • Crypto Guides
  • Videos
  • Podcast
    • Support Futures Institutions Submit A Request
    Support

    How can we help?

    Using a YubiKey for two-factor authentication (2FA)

    1. Kraken
    2. Account Security
    3. Two-factor Authentication (2FA) Troubleshooting

    A YubiKey is a hardware device that can be used as a Two-factor Authentication (2FA) method on your Kraken account for sign-in, funding (deposits & withdrawals), and as a Master Key, to provide another layer of account security.

    A YubiKey is considered to be one of the most secure tools for two-factor authentication.

    Note: YubiKeys are not compatible with Trading 2FA until we implement FIDO U2F support.

    Why should I use a YubiKey instead of other 2FA options?

    Simplicity: All you need to do with a YubiKey is plug it into your computer and touch or tap a button. No need to copy a passcode from an authenticator app, or worry about your device's battery running out.

    Security: OTPs (One time passwords) generated by a YubiKey are significantly longer than those from an authenticator app (32 characters vs 6 or 8 characters), which means a higher level of security.

    Harder to lose: We see a lot of lost phone tickets at Kraken Support. In our experience, a client is less likely to lose a device specifically used for 2FA than a device like your phone that you carry around all the time.

    Privacy: Even if you lose your YubiKey, it has no identifiable information about what it is used for or who it belongs to. In contrast, an authenticator app by necessity mentions the website name and some identifiable account information because the passcode needs to be manually read by a human (this can be changed/removed, but most people keep the defaults).

    Future improvements: With the U2F protocol (coming soon to Kraken), YubiKey binds client sign-in to the original website’s URL. Only the real site can authenticate with the key. This means that while you may be tricked into thinking a website is real, the YubiKey won’t reveal your credentials.

     

    How to set up a YubiKey on Kraken

    1. Make sure your YubiKey meets our compatibility requirements.

    2. Go to the Security page of your account

    3. Decide which function you want to set up 2FA for.

    • Click the "OFF/ON" dial or "Change method" under the desired function (Sign-In, Funding, or Master Key).


    4. Select the “YubiKey” button.

    Security_YubiKeyMKWaiting_10052020.png

    5. Insert your YubiKey into an available USB port on your machine, wait a few seconds then touch or tap your YubiKey.

    6. When prompted, touch or tap your YubiKey again to confirm. This will register your YubiKey to your Kraken account.

    Security_YubiKeyMKConfirm_10052020.png

     8. Congratulations, you have secured your Kraken account! 

    • If you set up Sign-In 2FA, "YubiKey" will be shown as the method.
    • If you set up Funding 2FA or Master Key 2FA, the "On/Off" dial will be toggled to the on position (to the right).
    • In all cases, "YubiKey" will be shown as the method. 

     

    What should I do if I lose or damage my YubiKey?

    If you are unable to use your YubiKey for 2FA, please go through the troubleshooting steps outlined here.

    Was this article helpful?

    Related articles

      Need some more help?
    • Chat directly with one of our support specialists about your specific needs.
      • Chat Now
      Like what you see?
    • Sign up for a Kraken account and start trading Bitcoin, Ethereum and more today
      • Sign Up