This article will show you how to secure your Kraken account by using an authenticator app to set up Two-factor Authentication (2FA) for specific account actions.
If you want to learn more about authenticator apps and how they work, click here.
How to set up an authenticator app on Kraken
1. Go to the Security page of your account.
- Sign in to your Kraken account.
- Select your name in the upper-right corner of the page.
- Select "Security".
- Select the 'OFF/ON' dial under the desired function (Sign-In, Funding, Trading, Master Key, API keys) or select 'Change method' if you currently have 2FA set up and you would like to change it.
3. Select 2FA App from the different options (2FA App, Yubikey, Password).
4. Open the authenticator app on your device and either scan the QR code provided, or manually enter the setup key.
- If you want to backup your secret key, see this article.
5. Enter the numeric code that appears in your authenticator app, and click the “Confirm” button.
6. Congratulations, you have secured your Kraken account!
- If you set up Sign-In 2FA, you will see "2FA app" appear under authentication method.
- If you set up Funding 2FA, Trading 2FA, or Master Key 2FA, the "On/Off" dial will be toggled to the on position to the right.
- In all cases, "2FA app" will be shown as the method.
Account name displayed in authenticator app: When syncing your account with a 2FA app like google authenticator the app will receive and display "kraken.com (Kraken - ‘Sign-in/Funding/Trading/API’ (username)" by default. You can rename this entry anytime in the app settings by selecting the account and editing the name.
Security tip: If the device that your authenticator app is on has been lost or stolen, your account is at risk of being compromised, especially if your email account can be accessed from that device. In this situation, you should immediately sign in to your account to make the necessary changes to your account settings. If you are unable to sign in, contact the Kraken Support team by opening a support ticket to have your account temporarily disabled.