
How to set up Time-based OTP (TOTP) to log in to Kite?

As per new exchange regulations (PDF), it is mandatory to enable TOTP 2Factor login on your account before 30th Sep 2022, failing which you will not be able to log in to Kite. Watch this video walkthrough to learn more or refer to the article below.

TOTP stands for “time-based one-time password”. Unlike a traditional OTP that is delivered to you via email or SMS, a TOTP is generated by a TOTP app that is already on your phone. This TOTP is valid only for a short duration (usually 30 seconds) and is regenerated every 30 seconds. The following apps can be downloaded on PC or mobile phones to generate the TOTP:

For Kite web, visit kite.zerodha.com, and follow the steps below:

  1. Go to My Profile/Settings and then Password & Security
  2. Click on Enable 2-Step TOTP.
  3. Enter the OTP sent to the registered email address.
  4. Open any one of the Authenticator apps above on a mobile phone.
  5. Select Scan a QR code under the Add an account option and click on Begin.
  6. Allow access to the phone camera, and scan the QR code shown on the profile page on Kite. On scanning, the account will be added to the authenticator app. Alternatively, copy the key (available below the QR code) and use it to add the Kite account to the authenticator app. Enter the OTP shown on the app on Kite along with the password and click on Enable.
  7. TOTP is enabled.


To log in to Kite, enter the time-based OTP shown on the Authenticator app.

For Kite app, follow the steps below:

  1. Go to Profile, Manage and Enable 2Factor TOTP.

  2. Enter the OTP sent to the account holder’s registered email and click on Verify.
  3. Click on Can’t Scan? Copy the Key.

  4. Go to the authenticator app and click on +, then Enter the setup key. Add the account name and paste the key. Ensure the type of key is set as Time based. Then click on Add and then Add account. The GIF below is from Google® Authenticator. The account holder can use any of the authenticator apps mentioned above.

  5. On the Kite app, copy the TOTP displayed and paste it on the 6-digit TOTP tab, enter the Kite login password and click on Enable.

The account holder will get a confirmation pop-up mentioning that the TOTP is enabled. After this, log in again to all Kite sessions across all devices.

In case of an Invalid TOTP error, see What to do in case of an Invalid TOTP error?
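
How an authenticator app turns the setup key and the phone's clock into the 6-digit code, and how a server can check it, shown as an added example that is not Zerodha's code. It follows RFC 6238 with 30-second steps and 6 digits; the HMAC-SHA1 hash, the `window` tolerance and all function names are assumptions, and the key is the published RFC test key, not a Kite key.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample: the published RFC 6238 test secret in base32, not a Kite key.
SETUP_KEY = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"

def decode_setup_key(setup_key: str) -> bytes:
    """Decode a base32 setup key as it is typed or pasted into an authenticator."""
    cleaned = setup_key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped base32 padding
    return base64.b32decode(cleaned)

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(setup_key: str, unix_time: float, step: int = 30) -> str:
    """Code an authenticator shows at unix_time: HOTP of the 30-second step number."""
    return hotp(decode_setup_key(setup_key), int(unix_time) // step)

def verify(setup_key: str, submitted: str, server_time: float,
           step: int = 30, window: int = 1) -> bool:
    """Server-side check that tolerates +/- `window` steps of clock drift."""
    key = decode_setup_key(setup_key)
    current = int(server_time) // step
    ok = False
    for counter in range(max(0, current - window), current + window + 1):
        # Constant-time comparison; keep looping so timing does not leak the match.
        ok |= hmac.compare_digest(hotp(key, counter).encode(), submitted.encode())
    return ok

if __name__ == "__main__":
    for t in (1111111109, 1111111111):  # either side of a 30-second boundary
        print(t, totp(SETUP_KEY, t))
    print(verify(SETUP_KEY, totp(SETUP_KEY, 59), server_time=65))   # True, one step late
    print(verify(SETUP_KEY, totp(SETUP_KEY, 59), server_time=125))  # False, too old
```

Because the code depends only on the key and the clock, a device whose time has drifted beyond the accepted window produces codes that a server using this scheme rejects.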

Secure the phone and TOTP app

To add another layer of security, follow these steps:

  1. First, enable biometric (fingerprint, face) authorisation on the mobile device if it is supported. To know how to set up fingerprint authorisation on Android, visit support.google.com/pixelphone/answer/6285273?hl=en, and for Face ID on iOS, visit support.apple.com/en-in/HT208109.

    Then enable biometric authorisation on Kite by tapping on User ID, Settings, and toggling the Fingerprint or Face ID button.

  2. After enabling biometric authorisation on phone and Kite, enable it on the TOTP app. It is important to secure the TOTP app in case the device is lost or stolen.

    On the Google® Authenticator app on iOS, tap on the context menu button, Settings, Privacy Screen and toggle the Privacy Screen switch.

    On the Microsoft® Authenticator app on Android, tap on the context menu button and toggle the App Lock button.