Sign-in 2FA required to use & activate Step-up 2FA:
For Step-up 2FA to be effective, you must have sign-in 2FA enabled on your account! If you don’t have this security feature enabled yet, we strongly encourage you to do so. Read here for more info on how to set it up.
Step-up 2FA is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your sign-in 2FA again via the 6-digit code from your authenticator app or via your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
Note: If you have the Global Settings Lock (GSL) enabled, you won’t be able to change any of your security settings and Step-up 2FA won’t be displayed or available as the GSL is considered the strongest security feature we currently offer.
Example: You only have Funding 2FA enabled and an attacker phishes your sign-in credentials and enters your account. If you don't have your GSL enabled, an attacker would be able to disable your funding 2FA and potentially remove funds. If you have sign-in 2FA activated, an attacker would need to reconfirm your sign-in 2FA code to remove your funding 2FA, preventing the removal of this security feature and keeping your funds safe and secured in your account.
Which settings & actions are affected by Step-up 2FA?
Additional Information regarding Step-up 2FA
- In order for Step-up 2FA to work you must have sign-in 2FA enabled via an authenticator app or Hardware Security Key. If you do not have sign-in 2FA, or if your sign-in 2FA is a static password, your security settings can still be edited.
- In the event that you lose your sign-in 2FA, you can still use your Master Key to bypass the sign-in 2FA on your account.
For more information on securing your Kraken account and digital life, please read here.