How-to temporary OTP TOTP two-factor authentication Kite login SMS OTP

How to remove the temporary OTP on Kite

From WebNotes, a public knowledge base. Last updated . Reading time ~9 min. Level: Beginner.

You cannot remove the temporary OTP step on Zerodha Kite , because NSE and SEBI require a second authentication factor on every trading login; what you can do is switch the temporary OTP from an SMS-delivered code to an authenticator-generated TOTP , under My profile then Password & security. The OTP step itself is mandatory and stays; only its form is yours to choose.

The phrase “temporary OTP” describes the time-limited one-time password Kite asks for after your password at each login. It is temporary in the literal sense: each code is valid for a short window, about 30 seconds for an authenticator code, then expires. People searching to “remove” it usually mean one of two things: they want to stop the SMS-delivered OTP and use something smoother, or Zerodha issued them a one-off temporary access after a lockout and they want to know how to get back to a normal login. This guide covers both.

What it cannot do is make Kite log you in on a password alone. That option does not exist for a trading account, and the reason is regulatory, not a Zerodha setting.

Conflict-of-interest disclosure. This guide is published by the WebNotes Editorial Team for informational purposes and is written independently. WebNotes operates a Zerodha account-opening referral programme, disclosed on the pages that carry the referral link; this guide does not carry it and earns no referral commission from the procedure described here.

Step-by-step procedure

The infobox above lists the sequence. The detail below separates the two cases people mean by “remove the temporary OTP”: switching the standing method, and clearing a support-issued one-off.

1. Understand what can and cannot be removed

The OTP at login is the second factor, and a second factor is compulsory on every trading login. It cannot be turned off. What is adjustable is its form. The temporary OTP can be the SMS OTP , texted to your registered mobile, or it can be an authenticator TOTP, generated on your phone with no message sent. There is no third state in which Kite asks for nothing. So the realistic goal is to choose the form that suits you, not to remove the step.

2. Open Password and security in your profile

On Kite web, log in, click your client ID at the top right, open My profile then Settings, and click Password & security. On the Kite app, tap your client ID, tap Profile, then tap Manage for Password and Security. This panel holds both the Enable external TOTP and Disable external TOTP controls, so it is where you switch in either direction.

3. To switch the SMS temporary OTP to an authenticator code

If your aim is to stop waiting for an SMS at every login, move to an authenticator. Click Enable external TOTP, enter the OTP sent to your registered email and click Verify, then scan the QR code with Google Authenticator or Authy, or click Can’t scan? Copy key and paste the key in by hand. Enter the six-digit code with your Kite login password and click Enable. From the next login, Kite asks for the authenticator code instead of texting one. The authenticator code is offline and cannot be delayed by a busy SMS gateway, which is the practical win. The full setup detail is in How to set up TOTP on Zerodha .

4. To switch an authenticator code back to the SMS temporary OTP

If you are on TOTP and want the SMS OTP back, click Disable external TOTP, enter your Kite login password, and click Disable. The account reverts to the SMS-delivered temporary OTP at each login. This is a downgrade in security, since SMS is interceptable and gateway-dependent, so do it only with reason; the trade-off is set out in How to disable TOTP on Zerodha and Kite app code versus SMS OTP .

5. If a support-issued temporary OTP was set after a lockout

A different “temporary OTP” is the one-off access Zerodha’s desk may grant when you are locked out, for instance after repeated failed second-factor attempts. That access is single-use by design; it is not a standing setting you delete. Log in with it, then go straight to Password & security and set your standing second factor, an authenticator TOTP or the SMS OTP, so the next login uses your chosen method and you are not relying on another temporary issue. If the account is blocked rather than merely awaiting a second factor, clear that first via How to unblock a Kite account .

Why the OTP step cannot be removed

The mandate is explicit. NSE circular NSE/COMP/52623, dated 14 June 2022 and issued in consultation with SEBI, requires every internet-based trading (IBT) and securities-trading-through-wireless-technology (STWT) platform to authenticate each login with two factors: a knowledge factor, your password, plus a second factor from a different category, an OTP, a PIN, a TOTP, or a biometric. A follow-up exchange direction reiterated that the second factor must be sought on each login attempt, which is why the OTP step appears every time and why Kite logs you out daily rather than holding an open session.

So there is no configuration, ticket, or request that removes the OTP step, because the broker is not permitted to offer single-factor login on a trading account. The framework sits inside SEBI’s cyber-security and cyber-resilience requirements for stock brokers and depository participants (SEBI circular dated June 2022, reference 59581). What looks like “removing the OTP” to a frustrated user is, at most, switching to a second factor that is quicker and more reliable than SMS, which is the authenticator TOTP. Read Zerodha cyber security and Is Zerodha safe for how Zerodha applies the rule.

Reducing the friction without removing the factor

If the real complaint is friction, that the OTP slows down each login, the levers are these, none of which removes the second factor. Move from SMS OTP to an authenticator TOTP so the code is generated on the phone instantly, with no wait for a text. On the Kite mobile app, use the in-app Kite app code , which surfaces the code on your authenticated phone for a tap rather than a retype. Layer a device-level factor so the phone itself is quick to unlock: enable biometric login on Kite and device lock on Kite , which speed up access without touching the server-side second factor the regulation requires. The daily logout stays, because the rule asks for a second factor on each login, but a TOTP plus biometric makes each login a few seconds rather than a wait for an SMS.

See also

External references

References

  1. Zerodha support, How to disable Time-based OTP (TOTP)? (as of 20 June 2026).
  2. Zerodha support, How are Kite app code and external TOTP better than SMS OTP? (as of 20 June 2026).
  3. NSE circular NSE/COMP/52623, dated 14 June 2022, on two-factor authentication for internet-based trading and securities trading through wireless technology, issued in consultation with SEBI.
  4. SEBI, Modification in Cyber Security and Cyber Resilience framework of Stock Brokers and Depository Participants, circular dated June 2022 (reference 59581).

WebNotes Editorial Team prepares factual how-to guides based on publicly available regulatory documents and broker disclosures. WebNotes is not affiliated with Zerodha Broking Limited. Procedures and screen labels are subject to change; verify the current flow at support.zerodha.com before acting.

Related articles

Frequently asked questions

Can I remove the OTP step at every Kite login?
No. The OTP, or second factor, cannot be removed. NSE and SEBI rules require two-factor authentication on every trading login. You can only change the second factor’s form, from an SMS temporary OTP to an authenticator TOTP, or back.
What is the temporary OTP on Kite?
It is the one-time password Kite asks for after your password at each login. It is temporary because it is valid only briefly, about 30 seconds for an authenticator code. It is delivered by SMS by default, or generated by an authenticator app if you enable TOTP.
How do I switch the SMS temporary OTP to an app code?
Enable external TOTP under My profile then Password & security. Verify with the email OTP, scan the QR with Google Authenticator or Authy, enter the code with your password, and click Enable. The SMS OTP is then replaced by the authenticator code at login.
Can I go back to the SMS temporary OTP after enabling TOTP?
Yes. Disable external TOTP under Password & security by entering your Kite login password. The account reverts to the SMS-delivered temporary OTP. You cannot, however, turn the OTP step off altogether; one second factor always remains.
Zerodha gave me a temporary OTP after a lockout. How do I clear it?
A support-issued temporary access is single-use. Log in with it, then set your standing second factor under Password & security, an authenticator TOTP or the SMS OTP, so the next login uses your chosen method rather than another temporary issue.
Is there a charge to switch the temporary OTP method?
No. Enabling external TOTP, disabling it, and reverting to SMS OTP are all free. Zerodha does not charge for changing how your second factor is delivered.

Reviewed and published by

WebNotes Editorial Team

The WebNotes Editorial Team covers Indian capital markets, payments infrastructure and retail investor procedures. Every article is fact-checked against primary sources, principally SEBI circulars and master directions, NPCI specifications and the official support documentation published by the intermediary in question. Drafts go through a second-pair-of-eyes review and a separate compliance read before publication, and revisions are tracked against the SEBI and NPCI rule changes referenced in the methodology section.

Last reviewed
Conflicts of interest
WebNotes is independent. No relationship with any broker, registrar or bank named in this article.