Wallets&Exchanges

Strengthen your account security with Passkeys and multiple forms of two-factor authentication (2FA)

By Nick Percoco, Kraken Chief Security Officer

When criminals obtain your username and password, whether via a phishing email or a 3rd party leak, they quickly attempt to compromise your accounts and extract funds. Kraken is dedicated to offering the most advanced security features to protect your assets from unauthorized access.

This blog post delves into the importance of two-factor authentication (2FA) and recent enhancements we’ve made to our offering, like Passkeys. We’ll explore how to enable multiple forms of 2FA on your Kraken account and the significant role this security layer plays in safeguarding your digital assets against unauthorized access. We’ll review the added benefits that employing a multifaceted 2FA approach provide to ensure you can access your account in a secure and flexible way.

Multiple 2FA methods and Passkeys

We are furthering our commitment to client security with the introduction of multiple 2FA methods during the sign-in process. This ensures clients are not limited to a single device or method for accessing their accounts.

This foundational security measure, combined with the introduction of Device-Bound Passkeys, provides an optimal balance of security and convenience. By integrating Passkeys, Kraken embraces the new secure login standard developed by the FIDO Alliance and the World Wide Web Consortium.

Since 2022, Kraken has supported FIDO2 credentials through hardware security keys, a method that has natural adoption and usage barriers due to cost and complexity. The adoption of Passkeys changes this narrative by introducing flexible choices when selecting 2FA methods.

Enhancing security resilience with diverse 2FA methods

The activation of multiple 2FA methods on a Kraken account significantly bolsters the resilience of your security posture. Kraken’s support for up to five Passkeys and one authenticator app offers a comprehensive approach to account security.

With Passkeys, clients can now store FIDO2 credentials on their phones, laptops, password managers and browsers. This development expands our strongest 2FA methods beyond hardware security keys, making 2FA accessible to ALL clients.

Passkeys notably simplify the 2FA experience by integrating biometric verification, such as fingerprint or facial recognition, offering a seamless authentication process. This means that clients no longer need to switch contexts to retrieve one-time codes from an authenticator app or plug in a separate hardware device. Instead, Passkeys provide a secure and user-friendly alternative.

The benefits of adding multiple forms of 2FA for enhanced security

Enabling multiple 2FA introduces a security framework that significantly decreases single-point-of-failure risk should one of the methods get lost or damaged. By enabling multiple 2FA methods for sign-in you achieve: 

Enterprise-grade security: FIDO2-compliant 2FAs with Passkeys provide an extra layer of protection against phishing attacks

Access versatility: Multiple access methods provide backup options in case one becomes unavailable

Enhanced protection for high-risk actions: Additional security checks for sensitive account operations safeguard against unauthorized transactions

Compliance with best security practices: A proactive security stance in alignment with cybersecurity experts’ recommendations, such as:

We all hate looking for that one missing sock. Don’t let it happen to your seed phrase too. Keep your security hygiene in check

Here’s how to do it from Kraken CSO @c7five and @Kitboga pic.twitter.com/bSSQ1qZ6Bd

— Kraken Exchange (@krakenfx) January 29, 2024

Enabling multiple 2FA methods: a step-by-step guide

Access 2FA security settings: Navigate to your profile icon on Kraken Pro, select Settings > Security, and find the 2FA options

Adding Passkeys: Click the Add a passkey button to add up to five devices to further secure your Kraken account

Managing your 2FA settings: personalization and flexibility

Kraken’s commitment to user-friendly security extends to the management of your 2FA settings, offering both personalization and flexibility. By allowing for the customization of 2FA descriptions, Kraken makes it simpler to manage and identify multiple security methods at a glance. 

Whether you’re using an authenticator app, Passkeys or hardware security keys, being able to assign descriptive names to each method enhances your ability to navigate and control your security settings effectively.

Moreover, Kraken’s interface is designed to easily update or remove 2FA methods, ensuring that you can adapt your security measures as your needs or circumstances change.

Elevate your account security today: Embrace multiple 2FA methods on Kraken and secure your crypto journey with unparalleled peace of mind.

These materials are for general information purposes only and are not investment advice or a recommendation or solicitation to buy, sell, stake or hold any crypto asset or to engage in any specific trading strategy. Kraken does not and will not work to increase or decrease the price of any particular crypto asset it makes available. Some crypto products and markets are unregulated, and you may not be protected by government compensation and/or regulatory protection schemes. The unpredictable nature of the crypto asset markets can lead to loss of funds. Tax may be payable on any return and/or on any increase in the value of your crypto assets and you should seek independent advice on your taxation position. Geographic restrictions may apply.

The post Strengthen your account security with Passkeys and multiple forms of two-factor authentication (2FA) appeared first on Kraken Blog.

Kraken Blog 

Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert