The Security Shield is a tool that helps simplify the way you set up security features on Kraken. It provides:
- Increased transparency
Easily see how secure your account is at any moment. This feature is the first of its kind in our industry.
- Immediate awareness
Learn of new security features as soon as they become available on Kraken.
- Instant support
Learn how to enable new features as quickly and easily as possible. And be informed why these features provide the best security in the current digital landscape.
- The shield icon that sits in the top right of the page next to your name, fills up and changes color as you enable more security features.
- By selecting 'Protect your account', you will be taken on a guided, step-by-step explanation on how to set up each security feature and learn the benefits of enabling them.
- There are five different levels to the Security Shield.
- Critically Low
Sign-in 2FA is required
Funding 2FA is required
Master Key is required
Global Settings Lock is required
No further action required
- Critically Low
Upon creation of your Kraken account the Security Shield will indicate your security level as Critically Low. This is the lowest possible level of security, your account is only being protected by your Username and Password.
It is absolutely essential that you secure your account with Sign-In 2FA, using either an Authenticator App or the most secure option, a Hardware Security Key. Both options generate a random code that must be entered every time you sign in to your account and greatly enhances the overall security of your account. Your Sign-in 2FA will be necessary to access Kraken.com, Kraken Support Center and Kraken Terminal.
Additionally, Sign-in 2FA activates Step-up 2FA which is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your sign-in 2FA again via the 6-digit code from your Authenticator App or via your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
After setting up your sign-in 2FA, the Security Shield will indicate your overall security level as Low. When you click on the Shield it will prompt you to enable 2FA for Funding. You will again have the option of either an Authenticator App or a Hardware Security Key. Once enabled, you will need to enter the authenticator app code or use the Hardware Security Key to perform the following functions:
- Generate a deposit address
- Add a withdrawal address
- Initiate a withdrawal
- Initiate a transfer
- Stake or unstake funds
Once you have enabled 2FA for Funding, the Security Shield raises your security level to Medium. The Shield will then prompt you to set up a Master Key. In addition to Sign-in 2FA, the Master Key is one of Kraken’s most important security features as it protects your account from unwanted password resets or disabling of 2FA, even in the event of an email compromise. You have three options for the Master Key; authenticator app, Security Key or static password. Once enabled, you will need the Master Key to perform the following functions:
- Password reset.
- Sign-in 2FA recovery.
- Global Settings Lock (GSL) disabling.
Store your Master Key separately from other 2FA's
Storing it together with passwords and 2FA's will cancel out the security the Master Key can provide.
After enabling your Master Key, the Security Shield raises your security level to High. The final step to reaching maximum security status is by enabling the Global Settings Lock (GSL). The GSL acts as the last line of defense if your sign-in password and Sign-in 2FA are compromised. When activated, it locks all ability to make changes to the settings on your account. It can only be unlocked with your Master Key. In the event that you don’t set up a Master Key, a GSL unlock takes a minimum of 24 hours and a maximum of 30 days depending on how you set it up. You will also be notified via email of any attempted GSL unlock on your account, giving you time to take action in the event of a compromise.
Once the GSL is enabled it will:
- Hide sensitive information in your account.
- Restrict any changes to your account settings (password reset, disabling of 2FA, etc.).
- Prevent the addition of a new withdrawal address.
Setup the Master Key before setting up the GSL
A Master Key has the ability to turn the GSL off at any time. Kraken Support is unable to expedite the GSL unlock process.
After enabling all security features, the Shield will turn green and indicate you have achieved the Maximum security level currently available at Kraken. Once new security features are available, the Shield will indicate this and walk you through the process.