Enabling Two-Factor Authentication (2FA) enhances your Kraken account security by adding a second authentication method, in addition to your sign-in password . This ensures that attackers can't access your account without both your 2FA code and login credentials to access your account.

For example, if your email is compromised, an attacker might retrieve your Kraken username and reset your password. However, with 2FA enabled, they cannot sign in without the 2FA code, safeguarding your account.

At Kraken, we consider sign-in 2FA a basic security feature that everyone can utilize, both with your Kraken account and email!

Additionally, enabling sign-in 2FA activates Step-up 2FA on your account. Step-up 2FA is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your sign-in 2FA again via the six digit code from your authenticator app or your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account.

If you need help to recover your sign-in 2FA please contact Support. If the device that your 2FA is on has been lost or stolen, your account is at risk of being compromised, especially if your email account can be accessed from that device. You should immediately sign in to your Kraken account and change your password and 2FAs. Likewise, sign in to your email account and change the password and 2FAs there. If you are unable to sign in, you can temporarily disable your account.