Chief Security Officer at US-based Kraken Exchange, Nick Percoco, has announced modifications to the exchange’s security features. According to the company’s blog post, Two Factor Authentication (2FA) is now mandatory for all users of the exchange.
He claims that they are doing this to better guide clients in the use of security features that are specifically designed to protect their accounts.
“I’ve been busy the past few months learning, organizing and working with our teams to build a world-class roadmap for security at Kraken,” he said. “There have already been a number of enhancements behind-the-scenes and many client facing security features are on their way”.
2FA has always been available to users, however, customers had the choice of whether to use it or not. With it becoming compulsory, users have the option of Google Authenticator or YubiKey.
The YubiKey is a security key which enables strong two-factor, multi-factor and passwordless authentication. Google Authenticator is an app that does the same.
More Security Upgrades And Enhancements Will Be Released
Percoco said that this will not be the last client-facing security enhancement users will hear about, adding that ever since his first day at Kraken, he’s been reviewing the exchange’s products. Working with the product management team, he is working on a “security features roadmap” which is planned out into 2020 and beyond. He believes that more security eyes on products in the crypto ecosystem is a way to improve the security clients, and not just the ones who use Kraken, but anyone within the crypto space.
“While this roadmap is not made public, you’ll be hearing about security enhancements and upgrades as they are released and made available to you,” he said. “Like most features similar to 2FA, you’ll need to enable them to take advantage of the added security, so please be sure to take action when you’re prompted to”.
Percoco also announced the formation of Kraken Security Labs, saying: “The effort is committed to improving the security of the entire cryptocurrency ecosystem by performing vulnerability research against 3rd party products, like hardware wallets, software wallets, and other related technology, and disclosing identified issues in a way that does not jeopardize the security of the industry or our clients, but rather improve security for our clients and the world once the issues are fixed”.