Nick Perkoko, director of security at Kraken, the US cryptocurrency exchange, announced that two-factor authentication (2FA) is now mandatory for exchange users, in a message on the company's official blog published on March 26.
In this case, 2FA is an optional component required to access the account. Often, 2FA requires that the user, after entering his login information, also enter a one-time password (OTP), received via SMS. According to the announcement, Kraken supports Google Authenticator and YubiKey as implementations of 2FA.
YubiKey is a hardware device designed to generate OTP, and Google Authenticator is a smartphone application designed for the same. The report notes that 2FA has been available as an additional security option for users since the launch of Kraken in 2013.
The announcement also notes that this measure is part of a wider set of changes included in its roadmap of security functions, which covers “until 2020 and beyond”. Although the roadmap itself will not be made public, Percoco claims that future changes will be announced and user actions will be required.
The publication also describes the creation of Kraken Security Labs, a team dedicated to improving the security of products and company environments. In addition, the team will also conduct research on vulnerabilities to third-party products, such as hardware and software wallets and related technologies.
Percoco also promises that Kraken’s cybersecurity team will responsibly address the issues identified to enhance the overall security of the crypto-ecosystem.
The largest manufacturer of hardware wallet Ledger announced vulnerabilities in the devices of its direct competitor Trezor. Trezor, on the other hand, replied that none of the identified problems was critical.
The number of fraudulent burglaries is growing, a recent report claims that in Japan, the number of hacked IoT devices and cryptocurrency networks almost doubled in 2018 compared with the previous year.