Kraken Ramps Up Security With Enforced 2FA and Dedicated Lab

Crypto exchange Kraken is embarking on a security drive, introducing compulsory two-factor authentication and a dedicated security lab.

AccessTimeIconMar 28, 2019 at 6:15 a.m. UTC
Updated Sep 13, 2021 at 9:01 a.m. UTC
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

Cryptocurrency exchange Kraken has introduced two new initiatives aimed at enhancing client and industry security.

Firstly, the firm's recently appointed chief security officer, Nicholas Percoco, announced in a blog post on Tuesday that the exchange has launched compulsory two-factor authentication (2FA).

Kraken has had 2FA as an option for users since its launch in September 2013, but now they will be asked to enable the feature upon their next login, Percoco said, adding that the prompted options for 2FA are Google Authenticator and YubiKey currently.

Secondly, the exchange has formed Kraken Security Labs, aimed to improve the security of both its own products and the “entire cryptocurrency ecosystem” by performing "vulnerability" research on third-party products, such as hardware and software wallets.

Percoco said his vision for Kraken is to “expand upon the strong, industry leading security foundation,” and utilize advanced security products such as threat intelligence, behavior analytics and adversarial deception techniques, and incorporate them into the exchange’s present and future products.

The CSO further said that Kraken will keep developing with other client-facing security enhancements in the near future. The exchange’s product management team will provide “constant improvement into 2020 and beyond” through its security features roadmap.

“While this roadmap is not made public, you’ll be hearing about security enhancements and upgrades as they are released and made available to you," Percoco said. "Like most features similar to 2FA, you’ll need to enable them to take advantage of the added security, so please be sure to take action when you’re prompted to."

Nicholas Percoco image via Kraken 


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.