How does two-factor authentication (2FA) for sign-in work?
Enabling Two-Factor Authentication (2FA) enhances your Kraken account security by adding a second authentication method, in addition to your sign-in password . This ensures that attackers can't access your account without both your 2FA code and login credentials to access your account.
For example, if your email is compromised, an attacker might retrieve your Kraken username and reset your password. However, with 2FA enabled, they cannot sign in without the 2FA code, safeguarding your account.
Tip: You can prevent password resets on your Kraken account by setting up a Master Key. However, even sign-in 2FA can't protect your account if you enter it on a phishing website or share it with a scammer, so beware of phishing scams.
How do I set up sign-in 2FA?
This is for clients using the Kraken interface (kraken.com/c)
- 1
Sign in to your Kraken account via https://id.kraken.com/sign-in.
- 2
Click on your profile icon in the upper-right corner of the page.
- 3
Select Security.
- 4
Under sign-in 2FA, click on Enable.
- 5
Follow instructions to complete the sign-in 2FA setup.
- 1
Sign in to your Kraken account.
- 2
You may receive a popup asking you to add 2FA. If you do, click Add passkey.
- 3
If you don’t receive the popup, click on your profile icon in the bottom-left corner of the page and select Security.
- 4
Scroll to find sign-in 2FA. Click Add passkey and Enable.
- 5
Follow instructions to complete the sign-in 2FA setup.
This is for clients using the Kraken Pro interface (pro.kraken.com)
- 1
Sign in to your Kraken account via https://pro.kraken.com
- 2
Click on your profile icon in the upper-right corner of the page.
- 3
Select Settings and then Security. Scroll down to the 2FA table.
- 4
Select Activate 2FA beside the Sign-in section. If you already have a 2FA set up, select Change method and choose the 2FA method you want to use. The methods available are: Hardware Security Key (most secure) and Authenticator app (moderately secure).
Security Tip
The sign-in 2FA device for your Kraken account should be kept separate from your username and password, as storing this information together would provide an attacker all the information needed to access your account.
Sign-in 2FA is highly recommended!
At Kraken, we consider sign-in 2FA a basic security feature that everyone can utilize, both with your Kraken account and email!
Additionally, enabling sign-in 2FA activates Step-up 2FA on your account. Step-up 2FA is an extra step that is required anytime you want to add, edit or remove any 2FA settings on your account. Once a change to your Kraken account is requested, you will be prompted to confirm your sign-in 2FA again via the six digit code from your authenticator app or your Hardware Security Key. The code must be entered correctly before any changes can be made to the 2FA settings on your account.
If you need help to recover your sign-in 2FA please contact Support. If the device that your 2FA is on has been lost or stolen, your account is at risk of being compromised, especially if your email account can be accessed from that device. You should immediately sign in to your Kraken account and change your password and 2FAs. Likewise, sign in to your email account and change the password and 2FAs there. If you are unable to sign in, you can temporarily disable your account.
How do I set up sign-in 2FA?
Sign-in 2FA is highly recommended!