Sign-in 2FA required to use & activate Step-up 2FA:
For Step-up 2FA to be effective, you must have sign-in 2FA enabled on your account! If you don’t have this security feature enabled yet, we strongly encourage you to do so. Read here for more info on how to set it up.
Step-up 2FA is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once you request such a change on your Kraken account, you will be prompted to confirm your sign-in 2FA again, either with the 6-digit code from your authenticator app or with your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
Note: If you have the Global Settings Lock (GSL) enabled, you won’t be able to change any of your security settings, and Step-up 2FA won’t be displayed or available, as the GSL is considered the strongest security feature we currently offer.
Why is this helpful?
This additional authorization creates an added layer of protection should your account ever become compromised via a phishing incident, email compromise or similar attack vector.
Example: You only have funding 2FA enabled, and an attacker phishes your sign-in credentials and signs in to your account. If you don’t have your GSL enabled, the attacker would be able to disable your funding 2FA and potentially remove funds. If you have sign-in 2FA activated, the attacker would need to reconfirm your sign-in 2FA code to remove your funding 2FA, which prevents the removal of this security feature and keeps your funds safe and secured in your account.
Which settings & actions are affected by Step-up 2FA?
- Recovering or editing sign-in 2FA
- Removing or changing trading 2FA
- Removing or changing funding 2FA
- Removing or changing Master Key
Additional Information regarding Step-up 2FA
- In order for Step-up 2FA to work you must have sign-in 2FA enabled. If you do not have sign-in 2FA, your security settings can still be edited.
- How to add sign-in 2FA to your account.
- In the event that you lose your sign-in 2FA, you can still use your Master Key to bypass the sign-in 2FA on your account.
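The decision flow described above, modelled as an added Python example; it is not Kraken's code. The action names, the `Account` type and the use of RFC 6238 TOTP for the authenticator-app code are assumptions, and the Hardware Security Key and Master Key paths are not modelled.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Optional

# The four settings the page lists as protected; the identifiers are hypothetical.
PROTECTED = {"edit_signin_2fa", "change_trading_2fa",
             "change_funding_2fa", "change_master_key"}


def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (assumed authenticator-app algorithm)."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


@dataclass
class Account:
    signin_secret: Optional[bytes]  # None means sign-in 2FA is not enabled
    gsl_enabled: bool = False


def authorize(acct: Account, action: str, code: Optional[str], now: int) -> str:
    """Decide a 2FA-settings change requested from an already signed-in session."""
    if action not in PROTECTED:
        raise ValueError("not a setting covered by this model")
    if acct.gsl_enabled:
        return "deny: settings locked by GSL"
    if acct.signin_secret is None:
        return "allow"  # no sign-in 2FA, so no step-up prompt is possible
    if code is None:
        return "challenge: step-up 2FA required"
    # Accept the current and the previous 30 s step; compare in constant time.
    for t in (now, max(now - 30, 0)):
        if hmac.compare_digest(totp(acct.signin_secret, t), code):
            return "allow"
    return "deny: wrong step-up code"
```

A session opened with phished credentials reaches `authorize` without a valid code, so the funding 2FA change stops at the challenge; the same request on an account without sign-in 2FA goes straight through.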
For more information on securing your Kraken account and digital life, please read here.