In the event of a sign-in compromise, enabling two-factor authentication (2FA) for deposits and withdrawals (i.e. Funding) improves your account security by preventing attackers from moving funds in or out of your account.
Note that you must also enable the Global Settings Lock (GSL) in order for it to be effective.
Deposit 2FA requires a 2FA code for:
- •Generating a new cryptocurrency deposit address (and thus preventing existing addresses from expiring)
Withdrawal 2FA requires a 2FA code for:
- •Withdrawing any type of funds from your Kraken account
- •Transfers to your Futures wallet (but not from your Futures Wallet)
However, withdrawal 2FA does not prevent the addition of cryptocurrency withdrawal addresses. For that, you'll need to enable the Global Settings Lock (GSL).
If you are using the Kraken Pro interface you will not be required to enter your funding 2FA code.
Should I set up deposits and withdrawals 2FA?
Adding 2FA for deposits & withdrawals is an excellent choice for high value accounts and clients who prefer top-notch security for their accounts.
Clients who hold funds in their account at Kraken, but do not frequently transfer funds to or out of their account are also encouraged to enable this feature.
How do I set up deposits and withdrawals 2FA?
If you have not already set up a sign-in 2FA on your account, you will be prompted to do so first before setting up 2FA for deposits & withdrawals.
- 2.Click on your name or profile icon in the upper-right corner of the page.
- 3.Click on Security and then scroll down to Advanced Settings.
- 4.Beside Funding, select Enable and choose the 2FA method you want to use. The methods available are: Hardware Security Key (most secure) and Authenticator app (moderately secure).You may be prompted to enter your Sign-in 2FA again as an additional security measure known as Step-up 2FA. If enabled, Passkeys and/or Master Key can be selected as Step-up 2FA methods for approving changes to your 2FA settings.
IMPORTANT: After enabling 2FA for deposits & withdrawals, you must also enable the Global Settings Lock (GSL) or a sign-in 2FA in order for it to be effective. Once a change to your Kraken account is requested, you will be prompted to confirm your sign-in 2FA again via the 6-digit code from your authenticator app or via your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account. If you choose not to use sign-in 2FA, you must enable the GSL. Without the GSL, the deposits & withdrawals 2FA can be easily removed or changed by anyone who gains access to the account.