The Security Shield is a tool that helps simplify the way you set up security features on Kraken. It also allows you to see, at a glance, how secure your account is and will prompt you to enable more security features to reach the maximum security level offered by Kraken.
How does the Security Shield work?
- The shield is a security icon that sits in the top right of the page next to your name. It fills up and changes color as you enable more security features.
- By selecting 'Protect your account', you will be taken on a guided, step-by-step explanation on how to set up each security feature and learn the benefits of enabling it.
- There are 4 different levels to the Security Shield. Once all are enabled, the shield will turn green and be set to Maximum:
- Critically Low (Enable Sign-in 2FA)
- Low (Enable Funding 2FA)
- Medium (Setup Masterkey)
- High (Turn on Global Settings Lock)
- Future proof - The Security Shield will allow you to easily become aware of new security features as they become available and help you enable them smoothly.
- Unique - This is the first of its kind in our industry in helping to educate and increase transparency about how secure your account is.
Security Levels explained
Once activated, each security level acts as a safeguard against unwanted actions within your account should it ever become compromised. Before activating a security feature, it is critical that you understand how it works so you have a smooth and seamless experience when performing any function within your account.
Security Level: Critically Low
Upon creation of your Kraken account the Security Shield will indicate your security level as Critically Low. This is the lowest possible level of security, your account is only being protected by your Username and Password.
It is absolutely essential that you secure your account with Sign-In 2FA, using either an authenticator app or the most secure option, a YubiKey. Both options generate a random code that must be entered every time you sign in to your account and greatly enhances the overall security of your account. Your Sign-in 2FA will be necessary to access Kraken.com, Kraken Support Center, and Kraken Terminal.
Additionally, Sign-in 2FA activates Step-up 2FA which is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your Sign-in 2FA again via the 6-digit code from your authenticator app or via your YubiKey. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
Security Level: Low
After setting up your Sign-in 2FA, the Security Shield will indicate your overall security level as Low. When you click on the Shield it will prompt you to enable 2FA for Funding. You will again have the option of either an authenticator app or a YubiKey. Once enabled, you will need to enter the randomly generated authenticator code or Yubikey to perform the following functions:
- Generate a deposit address
- Add a withdrawal address
- Initiate a withdrawal
- Initiate a transfer
- Stake or unstake funds
Security Level: Medium
Once you have enabled 2FA for Funding, the Security Shield raises your security level to Medium. The Shield will then prompt you to set up a Master Key. In addition to Sign-in 2FA, the Master Key is one of Kraken’s most important security features as it protects your account from unwanted password resets or disabling of 2FA, even in the event of an email compromise. You have three options for the Master Key; the authenticator app, Yubikey, or a static password. Once enabled, you will need the Master Key to perform the following functions:
- Reset your Password
- Bypass Sign-in / Funding 2FA
- Turn off the Global Settings Lock (GSL)
IMPORTANT: The Master Key should be kept separate from your account sign-in information or any other 2FAs, as storing this information together would create a security threat to your account.
Security Level: High
After enabling your Master Key, the Security Shield raises your security level to High. The final step to reaching maximum security status is by enabling the Global Settings Lock (GSL). The GSL acts as the last line of defense if your sign-in password and Sign-in 2FA are compromised. When activated, it locks all ability to make changes to the settings on your account. It can only be unlocked with your Master Key, or in the event that you don’t set up a Master Key, a GSL unlock takes a minimum of 24 hours (or up to 30 days) depending on how you set it up. You will also be notified via email of any attempted GSL unlock on your account, giving you time to take action in the event of a compromise.
Once the GSL is enabled it will:
- Hide sensitive information in your account.
- Restrict any changes to your account settings (password reset, disabling of 2FA, etc.).
- Prevent the addition of a new withdrawal address.
Important: Before setting up a GSL, it is strongly encouraged to set up a Master Key in case you want to make immediate changes to your account. A Master Key has the ability to turn the GSL off at any time. Kraken support is unable to expedite the GSL unlock process.
Security Level: Maximum
After enabling all security features, the Shield will turn green and indicate you have achieved the Maximum security level currently available at Kraken. Once new security features are available, the Shield will indicate this and walk you through the process.
Click here for more information about securing your account and digital life.