How to recover a lost TOTP on Zerodha Kite
If you lost the phone holding your authenticator, deleted the app, or wiped the device, recover access on Zerodha Kite by clicking Forgot user ID or password? on the login page. Verify with your user ID, PAN, and an OTP sent to your registered email or mobile, set a new password, then re-enrol TOTP under Method 2: External authenticator and scan a fresh QR code. The standard reset is self-service and free; no support ticket is needed unless you have also lost access to both your registered email and mobile.
The point to absorb first: a TOTP secret cannot be recovered. It lives only in your authenticator app, and Kite does not store a copy you can read back. So “recover a lost TOTP” really means “reset the login and re-enrol a new one.” The reset clears the old TOTP enrolment as part of resetting the password, which is what lets you set the second factor up again on the new device.
This guide covers the reset flow on Kite web and the Kite app, what Zerodha verifies before letting you through, the re-enrolment under Method 2, when a backed-up authenticator saves you the reset entirely, and the ticket route for the harder case where you have lost email and mobile too.
Conflict-of-interest disclosure. This guide is published by the WebNotes Editorial Team for informational purposes and is written independently. WebNotes operates a Zerodha account-opening referral programme, disclosed on the pages that carry the referral link; this guide does not carry it and earns no referral commission from the procedure described here.
Step-by-step procedure
The infobox above gives the sequence. The detail below covers each part of the reset, the verification Zerodha requires, and the re-enrolment that follows.
1. Open the Forgot user ID or password flow
On the Kite login page, click or tap Forgot user ID or password? On the Kite app the same link sits on the login screen. Do not keep entering codes from a dead authenticator; if the device is lost or the app deleted, the secret is gone and no code you produce will work. The reset is the supported path, not a workaround.
2. Enter your user ID and PAN
Enter your Kite user ID and your PAN. The user ID is the short alphanumeric code you log in with; if you do not remember it, recover it first via How to recover your Kite user ID. The PAN ties the request to your KYC record, so it must match the PAN on the account.
3. Choose email or SMS and verify
Select Receive on E-mail or SMS, enter the registered details, complete the captcha, and click Reset. Kite sends an OTP to the channel you chose. Enter that OTP and click Continue. This is the identity check that gates the whole reset: it confirms you control at least one of the contact channels on the KYC record. If neither your registered email nor your registered mobile works, the self-service route stops here, and you go to the ticket route in the section below.
4. Set a new password
Enter a new Kite login password and click Continue. Choose a password you have not used before and that meets Zerodha’s policy. Setting the new password is also the moment the reset clears the existing TOTP enrolment, which is what frees you to set a new second factor on the next screen. If you only wanted to reset the password and not touch TOTP, this flow is not the right tool, but here the goal is precisely to re-enrol TOTP, so continue.
5. Choose Method 2 and start TOTP setup
On the second-factor screen, select Method 2: External authenticator and click Setup TOTP. Kite displays a new QR code and a new secret key. This is a fresh enrolment with a fresh secret; it has no relation to the lost one. Method 1, where offered, is the Kite app code; pick Method 2 when you are re-enrolling an external authenticator such as Google Authenticator or Authy.
6. Re-enrol TOTP on the authenticator
In your authenticator, add an account, choose Scan a QR code, and scan the code on the Kite screen. If the camera will not scan, click Can’t scan? Copy key, copy the secret, and paste it into the app’s manual-entry option. Read the six-digit code the app now shows, enter it in the Enter the 6 digit app TOTP field, and click Continue. Kite resets the account, you click Login here to continue, and you log in with the new TOTP. The new authenticator entry replaces the lost one entirely.
When a backed-up authenticator saves the reset
You may not need to reset at all. If the authenticator you used backs its secrets up to the cloud, install it on the new device, sign in, and the Kite code reappears there without any reset. Authy syncs encrypted TOTP tokens across devices, so a new phone with Authy and your Authy login shows the same Kite code. Google Authenticator now offers an optional sync tied to your Google account that does the same.
If you have such a backup, try it before running the reset: install the authenticator on the new phone, restore from the cloud, and check whether the Kite code is present and accepted at login. Only if the secret did not back up, because the authenticator stored it locally and you wiped the device, do you fall back on the full reset. This is the strongest argument for choosing a backing-up authenticator at setup time, covered in How to set up TOTP on Zerodha.
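Both points above, that a restored backup shows the same Kite code and that a re-enrolled key has no relation to the lost one, follow from how TOTP codes are computed. The sketch below is an added example, not Zerodha's code: it implements RFC 6238 with HMAC-SHA1 and a 30-second step (assumed defaults; this guide only confirms six digits), and OLD_KEY, NEW_KEY and the accepts helper are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample keys (Base32), not real Kite secrets.
OLD_KEY = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, plays the lost enrolment
NEW_KEY = "JBSWY3DPEHPK3PXP"                  # stands in for the key shown at re-enrolment


def decode_key(key: str) -> bytes:
    """Decode a key pasted via manual entry: ignore spaces, dashes and case."""
    cleaned = key.replace(" ", "").replace("-", "").upper()
    return base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))


def totp(key: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 code; HMAC-SHA1 and a 30 s step are assumed defaults."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(decode_key(key), counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def accepts(enrolled_key: str, code: str, unix_time: int, window: int = 1) -> bool:
    """Verifier side: only the currently enrolled key is consulted.

    The +/- one step tolerance is a common practice, assumed here.
    """
    return any(
        hmac.compare_digest(totp(enrolled_key, unix_time + d * 30), code)
        for d in range(-window, window + 1)
    )


if __name__ == "__main__":
    now = 59  # fixed timestamp so the output is reproducible
    restored = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"  # same key, typed by hand
    print("old phone     :", totp(OLD_KEY, now))
    print("restored copy :", totp(restored, now))   # same key, same code
    print("after re-enrol:", totp(NEW_KEY, now))    # new key, unrelated code
    print("old code accepted by new enrolment:",
          accepts(NEW_KEY, totp(OLD_KEY, now), now))
```

The code depends only on the key and the clock, which is why a device that never held the key cannot produce a valid code and why the reset has to issue a new key rather than recover the old one.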
Changed phone versus lost phone
The right route depends on whether you can still log in.
If you changed phones but can still log in, because the old phone is in hand or the secret is backed up, do not run the password reset. Disable TOTP from the profile, change to the new phone, and re-enable TOTP there. That keeps your password unchanged and re-enrols cleanly; the flow is in How to disable TOTP on Zerodha followed by How to set up TOTP.
If you cannot log in, because the code lived only on the lost or wiped phone, the password reset above is the route, because it is the only way to clear the old enrolment from outside an authenticated session. The dividing line is access: a working login means use the profile, a broken login means use the reset.
If you have lost email and mobile too
The self-service reset rests on your controlling at least one registered contact channel. If you have lost access to both your registered email and your registered mobile, the OTP cannot reach you, and the reset cannot complete. This is the harder case.
Here you raise a support ticket. Zerodha’s lost-authenticator article links a Create a ticket option for exactly the cases the self-service flow cannot cover. Be ready to prove identity through the channels the desk specifies, which typically means a request from a verifiable source and the documents that re-establish your contact details. The fuller treatment, including changing the email and mobile on record first, is in How to recover a lost email and mobile on Zerodha and How to create a ticket at Zerodha . Update the stale contact details through How to change your email and How to change your mobile number so future resets work without a ticket.
Regulatory basis
The reset exists inside the two-factor mandate, not outside it. NSE circular NSE/COMP/52623, dated 14 June 2022 and framed in consultation with SEBI, requires a second authentication factor on every trading login. The reset does not let you skip that factor; it re-establishes one. You leave the flow with a fresh TOTP enrolment, still two-factor, not with a password-only login. This is part of SEBI’s cyber-security and cyber-resilience framework for stock brokers (SEBI circular dated June 2022, reference 59581); see Zerodha cyber security and Is Zerodha safe.
See also
- Zerodha
- Kite by Zerodha
- Kite web
- Kite mobile app
- Kite app code
- Kite app code versus SMS OTP
- How to set up TOTP on Zerodha
- How to disable TOTP on Zerodha
- How to fix the Invalid TOTP error on Zerodha
- How to remove the temporary OTP on Kite
- How to reset 2FA on Zerodha
- How to log in to Kite if the mobile is lost
- How to recover a lost email and mobile on Zerodha
- How to recover your Kite password
- How to recover your Kite user ID
- How to set up your Zerodha password
- How to change your email on Zerodha
- How to change your mobile number on Zerodha
- How to create a ticket at Zerodha
- Zerodha customer care number
- Zerodha 12-character user ID format
- Zerodha cyber security
- Is Zerodha safe
- SMS OTP
- Two-factor authentication
- Google Authenticator
- Authy
- SEBI
External references
- Zerodha support: What to do if I lose access to my TOTP authenticator app?
- Zerodha support: How to login to Kite if the mobile is lost or if a mobile is not used?
- Zerodha support: How do I set up Time-based OTP (TOTP) to log in to Kite?
- Zerodha Z-Connect: Two-factor authentication (2FA)
- SEBI: Modification in Cyber Security and Cyber Resilience framework of Stock Brokers / Depository Participants (June 2022)
References
- Zerodha support, What to do if I lose access to my TOTP authenticator app? (as of 20 June 2026).
- Zerodha support, How to login to Kite if the mobile is lost or if a mobile is not used? (as of 20 June 2026).
- NSE circular NSE/COMP/52623, dated 14 June 2022, on two-factor authentication for internet-based trading and securities trading through wireless technology, issued in consultation with SEBI.
- SEBI, Modification in Cyber Security and Cyber Resilience framework of Stock Brokers and Depository Participants, circular dated June 2022 (reference 59581).
WebNotes Editorial Team prepares factual how-to guides based on publicly available regulatory documents and broker disclosures. WebNotes is not affiliated with Zerodha Broking Limited. Procedures and screen labels are subject to change; verify the current flow at support.zerodha.com before acting.