In the event of a sign-in compromise, enabling Two-Factor Authentication (2FA) for Deposits & Withdrawals (i.e. Funding) improves your account security by preventing attackers from moving funds in or out of your account. Note that you must also enable the Global Settings Lock (GSL) in order for it to be effective.
Deposits 2FA requires a 2FA code for:
- Generating a new cryptocurrency deposit address (and thus preventing existing addresses from expiring)
Withdrawal 2FA requires a 2FA code for:
- Withdrawing any type of funds from your Kraken account
- Transfers to your Futures wallet (but not from your Futures Wallet)
However, Withdrawal 2FA does not prevent the addition of cryptocurrency withdrawal addresses. For that, you'll need to enable the Global Settings Lock (GSL).
Below are screenshot examples of what you would see when 2FA for Deposits & Withdrawals is enabled.
1. Adding a cryptocurrency deposit address:
2. Requesting a withdrawal:
Should I set up Deposits & Withdrawals 2FA?
Adding 2FA for Deposits & Withdrawals is an excellent choice for high value accounts and clients who prefer top-notch security for their accounts.
Clients who hold funds in their account at Kraken, but do not frequently transfer funds to or out of their account are also encouraged to enable this feature.
How do I set up Deposits & Withdrawals 2FA?
If you have not already set up a Sign-In 2FA on your account, you will be prompted to do so first before setting up 2FA for Deposits & Withdrawals.
2. Click on your name in the upper-right corner of the page.
3. Click on Security and then select 2FA Settings.
4. Under Funding, select the On/Off switch or "Change method" and choose the 2FA method you want to use.
The methods available are:
- YubiKey device (most secure)
- Authenticator app (moderately secure)
- Static password (no longer available for Funding 2fa)
IMPORTANT: After enabling 2FA for Deposits & Withdrawals, you must also enable the Global Settings Lock (GSL) or a Sign-in 2FA in order for it to be effective. Enabling Sign-in 2FA activates Step-up 2FA on your account. Step-up 2FA is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your Sign-in 2FA again via the 6-digit code from your authenticator app or via your YubiKey. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
If you choose not to use Sign-in 2FA, you must enable the GSL. Without the GSL, the Deposits & Withdrawals 2FA can be easily removed or changed by anyone who gains access to the account.